120 Oscp Jobs - Page 2

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like youThen it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in performing advanced penetration testing on networks, web & mobile applications, and systems. Having ability to Identify vulnerabilities, exploit weaknesses, and assess the security posture of various assets. Having ability to develop and maintain automated testing tools and scripts. Creating detailed reports outlining findings, risks, and recommended actions. Having Extensive experience in penetration testing, vulnerability assessment, and ethical hacking. Having Proficiency with penetration testing tools such as Metasploit, Burp Suite, Nmap, Nessus, and others. Strong understanding of network protocols, web and mobile applications, and operating systems. Maintaining documentation of testing methodologies, tools, and processes. Knowledge of scripting and programming languages (e.g., Python, Bash). You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 3-4 Years of relevant experience as Penetration Tester. Having Good command over English language (spoken & written) is non-negotiable. Working closely with business partners to understand their needs and translate them into technical requirements. Communicating findings, risks, and remediation strategies to both technical and non-technical stakeholders. Foster strong relationships with business units to ensure security measures align with business goals. Certification Preferred: Entry level certifications like CEH, eJPT, eWPT. Other certifications like eWPTX, OSCP is an advantage. We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at

RedTeam Hacker Academy seeks a skilled Cyber Security Trainer to deliver hands-on training in CEH, CPENT, CySA+, and more. Must have strong tech skills, certifications, and a passion for teaching. Online/offline sessions + mentoring responsibilities.

Position - Ethical Hacker (Penetration Tester / Cybersecurity Analyst) Location: Gurgaon (onsite) Job Type: Full-Time Department: Cybersecurity / Information Security Job Summary We are seeking a skilled and motivated Ethical Hacker to join our cybersecurity team. As an Ethical Hacker, you will be responsible for identifying security vulnerabilities in systems, networks, and applications by simulating cyberattacks in a controlled and lawful manner. Your insights and recommendations will play a key role in strengthening our organizations security posture. Key Responsibilities: Conduct penetration testing on web applications, networks, systems, APIs, and mobile platforms. Identify and document security vulnerabilities, exploits, and misconfigurations. Use a variety of tools and techniques (manual and automated) to simulate real-world cyberattacks. Provide detailed reports and presentations to technical and non-technical stakeholders. Recommend and verify remediation strategies for identified vulnerabilities. Collaborate with developers, IT teams, and other stakeholders to improve security defenses. Stay current on cybersecurity trends, zero-day exploits, and new ethical hacking methodologies. Assist in compliance audits (e.g., ISO 27001, PCI-DSS, SOC 2). Participate in red teaming, blue teaming, and purple teaming exercises if applicable. Required Skills & Qualifications: Proven experience in penetration testing, vulnerability assessment, or related cybersecurity roles. Proficiency in tools such as Metasploit, Burp Suite, Nmap, Nessus, Wireshark, and others. Strong understanding of operating systems (Windows, Linux), networking, and web technologies. Familiarity with programming/scripting languages like Python, Bash, JavaScript, or PowerShell. Deep knowledge of OWASP Top 10, CVE, CVSS, and secure coding practices. Preferred Certifications CEH (Certified Ethical Hacker) OSCP (Offensive Security Certified Professional)

Penetration Tester (On-site, Hyderabad) with 2+ yrs in VA/PT. Must have OSCP/CRTP. Strong in exploit dev, code review, Burp, Metasploit, Nessus. Great scripting & reporting skills. Not for SOC/Cyber Analyst roles. Send resumes to hr@vatins.com

Must have industry recognised certifications (e.g. OSCP, OSCE, OSWP, OSWE, OSEECISSP, OSCP, CRT, CREST, CRTP) Senior Cyber Security Consultant Requirements: Minimum 5+ yearsofconsulting experience in Red Teaming/Pentestingand possesses industry recognised certifications (e.g.CISSP, OSCP, CRT, CREST, CRTP) Experienced and well versed in security testing domains. For example,red teaming, web/network/mobile/cloud/thick client vulnerability assessments and penetration testing. Proven experience in implementing proactive security solutions and integrating security into the software development lifecycle (SDLC). Ability to explain vulnerabilities and weaknesses in OWASP Top 10 and SANS Top 25 to any audience and discuss effective defensive techniques Familiarity with programming languages (e.g., Python, Bash, C#, or JavaScript). Responsibilities: Actively participate in security testing of web and mobile applications. Conduct thorough penetration tests on applications, systems, and networks to identify vulnerabilities. Support the internal and/or customer development team in the preparation, formalization, implementation and verification of security requirements following a Security by Design principle. Develop and execute hands-on DevSecOps programs, including penetration testing, automation, static/dynamic code analysis, threat modeling, and developer training. Ability to think like an attacker. Conduct secure design reviews and contribute to threat modeling exercises. Preparing reports at both technical and executive level, providing recommendations to an heterogeneous public. Plan, lead and execute projects, including team management. Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices. Engage in continuous learning and research to improve your skills and contribute to the team's knowledge base. ,

Role: L3-Information Security Job Description: Primary Responsibility would be to manage the organizational practices for the following: Vulnerability Assessment Infrastructure(Cloud/Traditional DC) Penetration Testing Configuration Review Red Teaming Should be able to lead the team for delivery of Vulnerability Management operations. Conduct penetration testing as per the calendar activities and on demand request for Infrastructure Vulnerability Assessment. Conduct Vulnerability Assessment and Penetration Testing on Cloud Environment (AWS, GCP, Azure). Conduct configuration review as per the calendar activities and on demand request for server, database, network components. Identify and propose work around for critical vulnerabilities. Explain vulnerabilities to System owners and provide recommendations for mitigation Monitor progress of vulnerability mitigations and maintain track of remediation Provide advisory support to internal IT team for closure of identified vulnerability during the security testing Coordinate fixing of identified and accepted vulnerabilities with Airtel Payments Bank and Security Vendors. Stay abreast of newer trends in tools and technologies used for application security Develop POCs to demonstrate security issues Qualification: B.Tech, B.E, MCA or equivalent from a Recognized university At least 8 years of experience in similar role Certifications Preferred: OSCP, EC-council LPT. Hands on experience with popular security tools – Nessus, Metasploit, KALI Linux. Working knowledge of CIS Security benchmarks Has practical experience in auditing various OS , DB , Network and Security technologies

About the Opportunity Job Type: PermanentApplication Deadline: 31 August 2025 Title Cyber Security Operational Incident Manager - Technical Consultant Department Cyber Defence Operations - GCIS Location Kingswood, Surrey, Gurgaon, Bangalore Reports To Senior Manager - CDO Level 5 > About your team Technology function across FIL is responsible for all global aspects of Technology, Digital, Cybersecurity, and Innovation. Fidelity is a value-driven, customer-obsessed organization and in Technology we are fortunate to play a direct role in helping our clients with one of the most important aspects of their lives their financial well-being. Within the Technology function is our Global Cyber & Information Security (GCIS) that operates enterprise security services and controls. These are designed to mitigate Cyber and Information Security risks ensuring that Fidelity's business operates securely. The Technical Cybersecurity teams monitor both the internal and external threat environment, responding to security alerts and events in close to real time, as well as providing security assurance and access management services across the enterprise technology and business environment. Our global innovative Cyber Defence Operations team sits within GCIS and provides proactive, cutting-edge solutions to protect clients digital assets and infrastructure against evolving cyber threats. The Cyber Security Operational Incident Manager will be responding to and managing widespread security events and should have an understanding on how best to maintain CIRT teams skills and knowledge. The role will be supported by a global team of CIRT analysts who are looking at this role to provide them with direction and guidance during serious incidents. It will also be supported by a strong security leadership team and global incident management process who are keen to develop this capability. Our leadership team will be looking at this role to report on a number of key incident KPIs and provide assurance to our customers on the global operational security response process. About your role The successful candidate will be experienced in operational security incident management, including vulnerability management, understanding the value of rigorous planning, tested procedures and playbooks and quick response to critical security incidents. This is a critical role expected to develop and maintain our operational security incident management capability and help mature our global response processes. The successful candidate will be comfortable working at a technical level, proactively suggesting improvements to the incident playbooks whilst also being able to co-ordinate our front-line CIRT team during major events. The successful candidate will be able to demonstrate understanding of incident response tools and techniques, experience in responding to and managing widespread security events and an understanding on how best to maintain CIRT teams skills and knowledge. The role will be supported by a global team of CIRT analysts who are looking at this role to provide them with direction and guidance during serious incidents. It will also be supported by a strong security leadership team and global incident management process who are keen to develop this capability. Our leadership team will be looking at this role to report on a number of key incident KPIs and provide assurance to our customers on the global operational security response process. About you Key Responsibilities Own and be accountable for security incidents; taking the lead in driving global remediation activities Ensure simple, repeatable, manual tasks are automated within the Incident Response process Ensure a best-practice program is in place to manage and maintain our security response procedures Proactively develop and deliver new incident response capabilities, tooling and processes. Develop an incident management strategy, focussing on regular reviews and exercises. Create and deliver table-top and simulated exercises focussing on areas of risk identified by our Threat Intelligence team. Ensure the operational security process is consistently maintained across our global regions, taking into account different regulatory requirements and rules. Acting as the point of contact for our global business incident management team for all security related incidents. Run Post Incident Reviews and track and manage outcomes to delivery. Experience and Skills Required Experience and strong understanding of frontline security operations Experience running a vulnerability remediation programme or overseeing vulnerability teams would be advantageous Experience running complex security incidents at a global scale Experience creating or continually improving an incident management program Strong reporting ability, with an understanding on how to tailor reports to show improvements and learnings In depth understanding of modern attack techniques and flows Clear and demonstratable understanding of NIST and MITRE Att&ck Methodologies Experience in cloud environments (Ideally Azure) Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning this into improvements. Banking or Finance industry related experience desirable Security Incident Management Qualifications preferred Security Incident related qualifications (e.g SANS 504) At least 3 years of experience working in an Incident Response position. Experienced responding to global complex security events Experienced using NIST or MITRE frameworks to deploy defensive plans and/or actions Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Experience of using vulnerability management tooling e.g Nexpose, Qualys etc. Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL. Understanding of Networking Architecture (OSI Model). Analytical skills Challenge the current processes Passion for the cybersecurity field Time management Able to organize others Nice to Have Certifications - Security+, Network+, GCIA, GCIH, GCFA, GMON, GNFA, SSCP, OSCP For starters, well offer you a comprehensive benefits package. Well value your wellbeing and support your development. And well be as flexible as we can about where and when you work finding a balance that works for all of us. Its all part of our commitment to making you feel motivated by the work you do and happy to be part of our team.

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L2 Analyst has responsibility to closely track the incidents and support for closure. 10.Working with logsource and usecase management in integrating log sources and developing & testing usecase 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Developing SOP / instruction manual for L1 team 13.Guiding L1 team for triage/analysis and assist in clousure of cybersecurity alert and incidents 14.Handle XDR alerts and followup with customer team for agent updates 15.Escalate more complex incidents to L3 SME for deeper analysis. Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.3-7 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques. Preferred technical and professional experience Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications

Roles & Responsibilities: 1.Handling alerts and incident on XDR platform 2.Alert & incident triage and analysis 3.Proactively investigating suspicious activities 4.Log all findings, actions taken, and escalations clearly in the XDR and ITSM platform 5.Execute predefined actions such as isolating blocking IPs or disabling user accounts, based on set protocols. 6.Adhere to established policies, procedures, and security practices. 7.Follow-up with tech team for incident closure 8.Participating in daily standup and review meeting 9.L1 Analyst has responsibility to closely track the incidents and support for closure. 10.Escalate more complex incidents to L2 analysts for deeper analysis. 11.Work & support on multiple cybersecurity tool (DLP, GRC, Cloudsec tool, DAM) 12.Handle XDR alerts and followup with customer team for agent updates Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise Key Responsibilities: Security Monitoring & Incident Response Governance Define and maintain security monitoring, threat detection, and incident response policies and procedures.Establish and mature a threat intelligence program, incorporating tactical and strategic threat feeds.Align SOC operations with evolving business risk priorities and regulatory frameworks.Platform & Toolset Management Evaluate, implement, and enhance SIEM platforms, ensuring optimal log ingestion, correlation, and rule effectiveness.Assess and manage deployment of EDR, XDR, SOAR, and Threat Intelligence solutions.Maintain and update incident response playbooks and automation workflows.Ensure consistent platform hygiene and technology stack effectiveness across SOC tooling.SOC Operations & Threat Detection Oversee 24x7 monitoring of security events and alerts across enterprise assets.Lead and coordinate proactive threat hunting across networks, endpoints, and cloud.Manage and support forensic investigations to identify root cause and recovery paths.Govern use case development, log source onboarding, and alert/event triage processes.Regulatory Compliance & Incident Management Ensure timely and accurate incident reporting in compliance with RBI, CERT-In, and other authorities.Retain logs in accordance with regulatory data retention mandates.Enforce and monitor security baselines for endpoints, in line with internal and regulatory standards.Advanced Threat Management & Reporting Plan, conduct, and report on Red Teaming and Purple Teaming exercises to test detection and response capabilities.Participate in and contribute to the Risk Operations Committee (ROC) meetings and initiatives.Review and track SOC effectiveness through KPIs, metrics, and regular reporting dashboards. Preferred technical and professional experience Required Qualifications: Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.2 years of experience in SOC management, incident response, or cyber threat detection roles.Hands-on expertise with SIEM (e.g., Splunk, QRadar, Sentinel), EDR/XDR tools, and SOAR platforms.Proven experience in playbook development, forensics, and threat hunting methodologies.Strong understanding of RBI/CERT-In incident reporting guidelines and log retention requirements.Familiarity with MITRE ATT&CK, threat modeling, and adversary emulation techniques.Preferred Certifications: GCIA, GCIH, GCFA, CISSP, OSCP, CEH, CHFI, or similar certifications"

About the Role We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies Key Responsibilities Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Basic Qualifications Education: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Experience: Required: 2 - 5 years. Excellent communication and collaboration skills. Preferred Qualifications Preferred Certifications: OSCP, OSCE, CRTP, eWPTX, Security+, CREST, CRTO. Desired Skill Set: Red Teaming, VAPT, Application Security (Web/Mobile/API). 2-5 years of relevant domain experience in VAPT, Red Teaming, and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as BurpSuite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modeling and secure coding practices. Strong understanding of TTPs, threat modeling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques.

Position 1: Web and Network PT Consultant Proposed designation Consultant Role type Individual contributor Reporting to Work timings 12 PM to 9 PM Roles & responsibilities • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications • Plan and execute network penetration testing and Red teaming assessments to simulate real-world attack scenarios. • Perform manual network and application penetration tests on internal network, Active Directory environment, web applications. • Perform social engineering assessment to assess the security awareness and physical security controls of the organization. • Ability to independently research for new vulnerabilities in systems and software and modify and customize tools, known exploits, POCs and scripts to meet operational requirement. • Research and stay up-to-date with the latest attack techniques, tools, and emerging threats. • Present technical reports to clients, explaining the outcomes of the testing and providing detailed insights and recommendations. • Collaborate effectively with cross-functional teams, including developers, IT operations, and business stakeholders to integrate security best practices seamlessly into project workflows. • Provide mentorship and guidance to junior security staff and foster a culture of proactive security awareness within the organization. This role is for you if you have the below • We are seeking an experienced and highly skilled Consultant with over 5+ years of working experience in the field of cybersecurity, including network penetration testing, vulnerability assessment, Active directory testing, phishing assessment and web application penetration testing. The ideal candidate will possess a strong working knowledge of Network protocols, performing OSINT to identify publicly available information and testing and exploiting Microsoft services like Windows Servers, Active directory, Certificate Services. Mandatory technical & functional skills JOB DESCRIPTIONS 2 • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications • 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. • Strong understanding of Network protocols, web applications, cryptography, various operating systems and security technologies. • Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. • Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred. Other information Interview process: Please expect 2-3 rounds of interview Does the job role involve travelling: No Does the busy season apply to this role: Seasonality of the work is dependent on the projects/ deliverable timelines Working location: Bangalore/Pune/Gurugram

Job Title: WebPT P1 - Consultant Location: Bangalore & Pune (Hybrid Role) Contract Duration: 6 Months Roles & Responsibilities: Perform automated testing of running applications and static code (SAST, DAST). Conduct manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: Web applications Internal applications APIs Internal and external networks Mobile applications Experience in one or more of the following is a plus: Mobile application testing Web application pen testing Application architecture Business logic analysis Work on application tools to perform security tests, including: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux Able to explain vulnerabilities such as: IDOR (Insecure Direct Object References) Second Order SQL Injection CSRF (Cross-Site Request Forgery) Provide root cause analysis and remediation guidance for identified vulnerabilities. Mandatory Technical & Functional Skills: Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan NetsSparker Acunetix Checkmarx Veracode BurpSuite OWASP ZAP Kali Linux (or equivalent) Minimum three (3) years of performing manual penetration testing and code review against: Web applications Mobile apps APIs Minimum three (3) years of experience working with both technical and non-technical audiences in reporting results and leading remediation conversations. Preferred: One year of experience in the development of web applications and/or APIs. Ability to identify and work with new tools/technologies to plug and play on client projects as needed to solve the problem at hand. Certifications (Preferred but not required): GWAPT (GIAC Web Application Penetration Tester) CREST (Certified Testing Professional) OSCP (Offensive Security Certified Professional) OSWE (Offensive Security Web Expert) OSWA (Offensive Security Web Application) This is a 6-month contract role with hybrid work arrangements in Bangalore and Pune .

Description - External Job Description Overview: Research, learn, and continuously enhance your skills to replicate attacker tactics, techniques, and procedures. Relevant years of experience in web and embedded application penetration testing domains. Detect exploitable security vulnerabilities in mobile applications, source code, thick-client applications, APIs, embedded devices, firmware, cloud technologies and IIoT devices. Research and conduct fuzz test on products via communication interfaces such as Modbus, Wi-Fi, HTTP etc. Familiarity with Wireshark and Metasploit, focusing on exploiting vulnerabilities across various communication protocols in embedded devices. Capable of training product team and promoting security awareness. Qualifications - External Requirements Strong communication skills capable of explaining complex technical security issues to non-technical audiences. Knowledge of programming languages such as C, C++, Java, .Net. Preferred: relevant certifications such as OSCP, GWAPT, GXPN, GPEN, LPT, or other industry-recognized security certifications. Ability to efficiently validate remediation of security vulnerabilities.

LOOKING FOR IMMEDIATE JOINERS ONLY. Position: OSCP Penetration testing Location: Pune, Hyderabad, Trivandrum, Kochi, Bangalore, Chennai Mode: WFO MUST HAVE: OSCP certification is mandatory Job Description We are seeking a skilled and passionate Penetration Tester with hands-on experience in identifying vulnerabilities across mobile applications (iOS/Android) , web applications , infrastructure , and thick client environments . The ideal candidate will have a strong background in assessing the security posture of applications, systems, and networks, especially in a fast-paced fintech environment . Key Responsibilities Conduct penetration tests on web and mobile applications , networks , thick clients , and systems to identify vulnerabilities. Perform manual and automated testing to simulate cyber attacks and exploit potential security flaws. Create detailed reports of vulnerabilities including descriptions, proof of concepts, business impact , and actionable remediation steps . Perform retesting to validate fixes and confirm mitigations. Analyze security issues related to web apps, network protocols, OSs , and cloud platforms . Stay updated with the latest cybersecurity threats , vulnerabilities , and attack techniques . Coordinate with application and infrastructure teams during the assessment lifecycle and deliver clear, comprehensive reports. Requirements Proven experience as a Penetration Tester or in a cybersecurity role. Strong understanding of: OWASP Mobile Top 10 OWASP Web Top 10 MITRE ATT&CK framework Proficiency in tools such as: Burp Suite , Frida , MobSF , Nmap , Wireshark , Metasploit Hands-on experience with: SSL pinning bypass Jailbreak/root detection bypass Certificate validation flaws Mobile app reverse engineering Familiarity with operating systems like Windows , Kali Linux , and macOS Exposure to cloud platforms such as AWS , Azure , or GCP Knowledge of scripting/programming languages such as Python , Bash , or PowerShell (preferred) Relevant certifications are a strong advantage: CEH , OSCP , or similar Preferred Skills Prior experience in mobile application penetration testing Ability to work independently and manage time effectively Excellent communication skills , especially in conveying technical findings to non-technical stakeholders Skills Information Security,Data Analysis,Penetration Testing

Responsibilities Conduct security assessments on Web, Mobile and APIs REST/SOAP/GraphQL. Perform penetration tests on both public and private network infrastructure assets. Conduct adversary emulations and red teaming exercises, both internally and externally. Perform source code review for applications developed in different languages. Develop testing scripts and procedures to fulfil comprehensive assessment requirements. Produce executive and technical reports and provide recommendations based on findings. Conduct external and internal segmentation testing on client infrastructure. Develop penetration testing strategies and test cases for complex enterprise applications. Develop methodology documents and pre-engagement questionnaires for Penetration Testing and Vulnerability Assessment projects. Thoroughly document exploits chain/proof of concept scenarios for client use. Perform Red Team activities in coordination with the Security Operations Centre and incident response teams to validate Blue Team monitoring & detection processes. Essential Skills A minimum of 2 years of professional experience in Pentesting Development or scripting experience and skills. Strong knowledge of Web, Mobile and API Security assessments and source code review of applications. Excellent communication skills and ability to clearly articulate complex security issues. Strong interpersonal and presentation skills. Ability to work with minimal levels of supervision or oversight. Additional Desired Skills Knowledge of Cloud Security Assessments (AWS/Azure/GCP). Knowledge of Active Directory and Exploitation. Knowledge of phishing and social engineering simulations and tools. Familiarity with Malware Development & Defense Evasion Techniques. Experience in Bug Bounty programs. Education Requirements Bachelors in computer science/IT/Electronics Engineering, M.C.A. or equivalent University degree. At least one of the following certifications or similar is preferred: OSCP, PNPT or CRTP

About The Role Exciting opportunity for an experienced Security Incident Responder to join our IT Security team in Pune. Take a key role in driving success by enabling a seamless, global security incident response capability. This is a full-time, on-site position based in our Baner office. About You You have a curious mindset and are highly passionate about security engineering and the evolving role of AI in this domain. You also have: - Experience between 2 to 5 years working as a SOC Analyst, Incident Responder or Detection Engineer. - Knowledge applications of security frameworks DFIR, Cyber Kill Chain, MITRE ATT&CK. - Confidence and the ability to remain calm under pressure. It would be beneficial if you possess: - Understanding of software development practices, DevSecOps, enterprise security tools. - Knowledge Artificial Intelligence utilization within the Incident management process. - Awareness of regulatory environment and requirements (e.g. GDPR) - Experience securing cloud-based services (preferably hosted in AWS or Microsoft Azure cloud environments), combined with insight into vulnerability management and scanning tools. - Knowledge of techniques to tune SIEMs, threat hunting, and implementing security best practices. - Security qualifications e.g. GIAC Certifications, AWS, Azure, CEH, OSCP. Key Responsibilities - Act as Incident Commander, coordinating security incident response across teams and time zones, ensuring seamless handoffs. - Collaborate with in-house analysts and MDR partners for timely detection, alerting, and monitoring of security events. - Manage and triage security alerts, document incidents, and maintain detailed reports. - Develop, maintain, and test Incident Response playbooks while driving process and capability improvements. - Design use cases for automation and AI to enhance incident management speed and efficiency. - Review and optimize security platform configurations, ensuring compliance, stability, and alignment with IT best practices. Benefits and Perks Join us for a rewarding career with competitive compensation, leave entitlements, health coverage, and financial security. Enjoy work-life balance, growth, and recognition for your exceptional performance. Our team will unveil the intricacies of our benefit package during the selection process. Company Overview Hansen Technologies (ASX: HSN) is a global software and services provider, serving energy, water/utilities, and telecommunications industries. With customers in 80+ countries, we foster collaboration across 36 global offices. From 5G advancements to renewable energy transitions, we empower customers to overcome challenges, innovate, and drive new business models.

Role Name: Sr. Project Manager Job Description : Airtel Business is looking for Sr. Project Manager (Project Director), for managing the Cybersecurity & Managed Security Services to keep our fast-growing MSS portfolio on track. Location : Gurgaon Job Summary: This is an opportunity for a highly motivated individual to join a high energy team of Information security professionals responsible for managing Own 812 concurrent security projects, covering SIEM, SOAR, XDR, firewall management, and cloud security. This position is to be part of a global team, reporting to the Program Head. Be the face of delivery for CXOstranslate tech into business impact, run QBRs, and make renewals feel obvious. Keep us audit-ready (ISO 27001, PCI-DSS, RBI, IRDAI, GDPR, etc.) and drive root-cause fixes. Champion automation and shift-left security, bagging at least two efficiency wins every quarter. Responsibilities: An information security director is responsible for leading and overseeing the information security function. They are entrusted with protecting the confidentiality, integrity, and availability of the Customer information assets. The information security director develops and implements comprehensive strategies, policies, and procedures to identify and mitigate risks, ensure compliance with industry regulations, and respond effectively to security incidents. They work closely with stakeholders across the organization to promote a culture of security and to align information security practices with Client business objectives. Security operations director is responsible for managing the day-to-day activities of the security operations center (SOC) or incident response team. He/She oversee the monitoring of security events, investigations of security incidents, and coordination of incident response efforts. He/She work closely with other Bank teams to ensure timely detection, response, and resolution of security issues. In addition to strategic planning and risk management, the information security director plays a vital role in establishing governance frameworks and ensuring regulatory compliance. Some Common duties and responsibilities include: Strategic Planning: Develop and implement the organization's information security strategy, aligning it with business objectives and risk tolerance. Identify and prioritize security initiatives, establish security goals, and create a roadmap for their implementation. Risk Management: Conduct regular risk assessments to identify and evaluate potential security threats and vulnerabilities. Develop and implement risk mitigation strategies, including security controls, policies, and procedures. Monitor and manage security risks through ongoing assessments and the implementation of appropriate safeguards. Stakeholder Management – Sync with Sales, Pre-Sales, Finance, HR, and tech partners so everyone’s rowing in the same direction. Policy and Procedure Development: Establish and enforce information security policies, standards, guidelines, and procedures. Ensure that they align with industry best practices and regulatory requirements. Communicate and educate employees on security policies, promoting a culture of security awareness and compliance. Compliance and Regulatory Requirements: Stay abreast of relevant laws, regulations, and industry standards pertaining to information security. Ensure that the organization's security practices and controls are in compliance with applicable requirements. Liaise with regulatory bodies, auditors, and stakeholders to address compliance issues and maintain regulatory alignment. Incident Response and Management: Develop and maintain an incident response plan to address and manage security incidents effectively. Establish protocols for detecting, responding to, and recovering from security breaches or other security-related incidents. Coordinate with relevant teams to investigate incidents, implement remediation measures, and report on the outcomes. Security Awareness and Training: Develop and deliver security awareness and training programs for employees at all levels of the organization. Ensure that employees understand their role in maintaining information security and are equipped with the knowledge to identify and respond to security risks. Vendor Management: Assess and manage the security risks associated with third-party vendors and suppliers. Establish security requirements and standards for vendor contracts, conduct security assessments of vendors, and monitor ongoing compliance. Security Governance: Establish and maintain security governance frameworks and structures to ensure effective oversight and accountability. Participate in security committees and provide regular updates to executive leadership and the board of directors on the organization's security posture, risks, and compliance status. Security Incident Reporting and Communication: Develop and implement processes for reporting and communicating security incidents to appropriate stakeholders, including executives, legal counsel, and regulatory bodies. Ensure that incident reports are timely, accurate, and comprehensive. Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and technologies in the information security field. Continuously evaluate and enhance the organization's security posture, controls, and processes through regular reviews, audits, and testing. Travel – Up to 10 % across India Technical Skills: 15+ years in IT services with 8+ steering large, multi-tower security or ITOM programs; PMP or Agile cert helps. Strong knowledge in network & Information security Fundamentals. Deep, hands-on exposure to SIEM, SOAR, EDR/XDR, firewall and IPS/IDS stacks. Solid experience with AWS, Azure, or GCP controls, logging, and compliance tooling. Experience in handling large team of Information Security Professionals (>25 nos.) OT/ICS security, GenAI in SOC workflows, or experience with Scaled Agile frameworks. Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms. Comfortable running ITIL-aligned ops, SLAs, and continual-service-improvement cycles. Good extensive Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS, SOX, CMMi etc.) Mandatory Security Certification (either of CISA, CISM, CISSP, CIPP/R etc.)

Dear Candidate, We are hiring an engineer focused on API security to protect data and ensure secure service interaction. Key Responsibilities: Perform API threat modeling. Implement rate limiting, token validation, and encryption. Conduct audits and penetration tests. Required Skills & Qualifications: Familiarity with OAuth2, OpenID, mTLS. Hands-on with API gateways and security tools. Strong knowledge of secure coding principles. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type : Employee - Full Time Work Location: Guwahati Key Focus area : Infrastructure Penetration Tester Employment Type : Employee - Full Time Work Location: Guwahati Key Responsibilities : Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification and Work Experience Qualification : BE / BTech (Similar Education Background) Work experience : 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies /Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor

Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What Ill be doing your accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelors degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED.

Job Summary: We are looking for enthusiastic Cyber Security Engineers with atleast 1 year of experience to join our dynamic team. The ideal candidate should have strong networking skills, extensive experience in Vulnerability Assessment and Penetration Testing (VAPT), and a solid understanding of network architecture, protocols, and security tools and the passion to learn, perfom and grow in the organisation. The role involves conducting in-depth security assessments on network devices and web applications, including the application of fuzzing techniques. Key Responsibilities: Vulnerability Assessment and Penetration Testing (VAPT): Lead and conduct comprehensive VAPT on network devices and web applications to identify and address security vulnerabilities. Network Security Expertise: Apply deep knowledge of network protocols, firewalls, IDS/IPS, and VPNs to ensure robust security across the network. Custom Security Tool Development: Develop and maintain custom security tools and scripts using Python, Bash, or PowerShell to enhance security assessments and automate processes. Network Tools Proficiency: Utilize tools such as Wireshark, Nmap, Nessus, Burp Suite, and others for network analysis and security testing. Security Assessments: Perform thorough security assessments on network devices, ensuring alignment with industry standards and best practices. Protocol Fuzzing Understanding: Apply protocol fuzzing techniques to uncover vulnerabilities in network devices and recommend effective remediation strategies. Communication: Clearly articulate complex security issues to both technical and non-technical stakeholders, ensuring a comprehensive understanding of risks and solutions. Continuous Improvement: Stay updated with the latest cybersecurity trends, threats, and technologies to enhance the organization's security posture. Qualifications: Experience: 1-2 years of relevant experience in cybersecurity, with a focus on networking, VAPT, and security assessments. Technical Skills: Strong networking skills and understanding of network architecture. Proficiency in network protocols, firewalls, IDS/IPS, and VPNs. Advanced programming skills in Python, Bash, or C/C++. Expertise in using network security tools (e.g., Wireshark, Nmap, Nessus, Burp Suite). Certifications: CEH, OSCP, or CRTP certifications are highly desirable. Communication: Excellent verbal and written communication skills, capable of conveying security concepts to diverse audiences. Problem-Solving: Strong analytical and problem-solving abilities, with keen attention to detail. Preferred Skills: Experience in security assessments on network devices. Understanding of web application fuzzing techniques. Ability to work independently and as part of a team. Education: Masters /Bachelors degree in Computer Science, Information Technology, Cyber Security, Electronics, Telecommunication or a related field (or equivalent experience).

The IZOT product line includes BMCs Intelligent Z Optimization & Transformation products, which help the worlds largest companies to monitor and manage their mainframe systems. The modernization of mainframe is the beating heart of our product line, and we achieve this goal by developing products that improve the developer experience, the mainframe integration, the speed of application development, the quality of the code and the applications security, while reducing operational costs and risks. We acquired several companies along We are looking for Application Security Engineer to take ownership of security testing for enterprise products deployed on mainframe environments. In this role, you will assess application-layer security risks, identify vulnerabilities in product implementations, and lead secure architecture reviews. The ideal candidate brings deep offensive security skills along with familiarity in testing applications running on or integrated with IBM mainframe systems. Primary Roles and Responsibilities: Conduct penetration testing and red teaming exercises targeting mainframe environments and the surrounding application ecosystem. Perform code-assisted and black-box penetration testing against enterprise applications/systems interacting with RACF, DB2, CICS, MQ, and related subsystems. Identify risks in authentication, authorization, data handling, and communications within mainframe-integrated products. Create threat models and guide product teams in mitigating high-impact vulnerabilities early in the SDLC. Drive remediation efforts through hands-on collaboration and secure design guidance. Author technical reports and deliver executive summaries tailored to various audiences. Stay current on vulnerabilities, exploits, and testing techniques relevant to legacy enterprise technologies and mainframe ecosystems. Assess common integration patterns (SOA, REST/JSON, MQ) for security risks. To ensure youre set up for success, you will bring the following skillset & experience: 3+ years of experience in penetration testing, with a specialization in systems/applications integrating with mainframe environments. Deep knowledge of mainframe communication protocols and security mechanisms. Demonstrated experience conducting red team-style assessments or advanced threat emulation on mainframe systems. Proficient in tools such as: Mainframe utilities: REXX, ISPF panels, NetView Security tools: Nmap, Burp Suite, Wireshark, custom scripts Strong scripting and automation skills (Python, REXX, Bash, or similar). Strong communication and leadership skills, with a proven ability to lead technical teams or projects. Experience producing board-level reports and presenting findings to stakeholders. Exposure to hybrid environments (mainframe to cloud integrations, modernization efforts). Familiarity with modern enterprise integration methods (REST, SOAP, MQ, FTP) that interface with mainframe services Whilst these are nice to have, our team can help you develop in the following skills: Industry certifications such as OSCP, OSCE, CRTP, GIAC GPEN, GXPN, or CISSP. Background in regulated industries such as banking, insurance, or government, where mainframes are core infrastructure. Knowledge of COBOL, PL/I, or other mainframe-centric programming languages. Experience with compliance standards like PCI-DSS, NIST, or SOX as they apply to mainframes.

Urgent Opening for Security Analyst - Hyderabad Posted On 20th Dec 2016 11:18 AM Location Hyderabad Role / Position Security Analyst Experience (required) 3+ Description Our Client is a leading IT company Title :Security Analyst Location : Hyderabad Department Operations Overview: The Security Analyst will take ownership of existing Operations controls from Security Engineers, and then improve those controls. : Develop and execute the Security Operations function Identify systems and scan for network vulnerabilities. Partner with TechOps and others to ensure the vulnerabilities discovered are closed in a timely manner Assess vendors for information security risk and recommend whether or leadership should accept the risk Report metrics and escalate issues with management as appropriate Monitor security logs to detect intrusions Coordinate incident response With guidance from the Lead Security Engineer, assess new releases of the product for security issues and approve the release on behalf of Security Monitor Security controls to discover deviations. Follow up to resolve deviations Review and approve network firewall rule requests : 3+ years of Information Security experience 1 year of experience with network, server, or application administration Basic knowledge of programming and scripting languages as well as HTML Thorough and detail-oriented Available to meet with US colleagues during US Central Time hours every working night and sometimes during US Pacific Time hours Excellent communication and interpersonal skills Self-starter eager to take on new challenges at a growing, cloud-based company Preferred: Security certification (e.g. CISSP, OSCP, CEH) Experience with any SIEM tool in SOC environment (ArcSight, Splunk, RSA enVision,etc.) Experience with application security methodologies such as OWASP Experience responding to external audits Send Resumes to girish.expertiz@gmail.com -->Upload Resume

Job Opportunity with Teamware for the Role _Penetration testing. Job Description: Responsibilities: Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Perform manual code review against common programming languages (Java, .NET) Perform automated testing of running applications and static code (SAST, DAST) Create new testing methods to identify vulnerabilities and entry points that attackers may use to exploit applications, networks, and systems Provide technical leadership and advice to team members on penetration test engagements Operate independently with little to no guidance from Lead Specialists Converse with technical and non-technical audiences to articulate both testing processes, techniques and results Guide technical audiences on remediation options and assist them in weighing those options Partner with the Cyber teams to develop new testing techniques, automation for testing and marketing collateral to support the practice and mentor junior and offshore team members on tools and techniques in performing tests Qualifications: Formal programming experience is a must at least 6 months Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan,NetsSparker,Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations Preferred three (3) years of experience in development of web applications and/or APIs Experience in one or more of the following a plus: mobile application testing, application architecture and business logic analysis Bachelor Degree from an accredited college/university or equivalent industry experience One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA penetration,"Penetration Testing","Web application",OWASP,Oscp >>>>>>>>>> 1. This is for Permanent employment with Teamware Solutions. Are you fine with this(Y/N): 2. Your project location would be in Bangalore. Are you fine with this(Y/N): 3. This position has to work on Shift. Would you be fine? 4. Are you aware that our client has the option of converting you as a full-time employee during this project tenure, but it will be subject to your performance and also our client having a need to add a FTE? 5. Your Current CTC: 6. Your Expected CTC: 7. Total Exp | Rel Exp: 8. Your official notice period: 9. If selected, how fast can you join us (in days): 10. Do you have Notice period Buy out option (Y/N): 11. What would be best DAY & TIME for Telephonic /F2F interview on the weekdays? 12. Currently holding any offer(Y/N): 13. Reason for looking job change: 14. PAN CARD No : 15. Alternate contact number: Share your Relieving letter/ Resignation mail,Form-16,3 months payslips,Aadhar/ Pan card: Your earliest response will be highly appreciated!!!!!! Laya | Executive - Talent Acquisition Teamware Solutions a division of Quantum Leap Consulting Pvt. Ltd M : +91 7842100374 E: laya.t@twsol.com W : www.teamwaresolutions.net

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Information and Event Management (SIEM) Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :We are seeking a highly skilled and experienced Senior Threat Hunter with deep expertise in Microsoft Sentinel and Microsoft Defender for Endpoint (MDE). The ideal candidate will excel in advanced KQL query writing, hypothesis-driven hunting, detection engineering, and data visualization using Sentinel Notebooks and Workbooks. This role plays a critical part in proactively identifying threats, tuning detection logic, and enhancing our overall threat hunting capabilities.Key Responsibilities:- Write and optimize advanced KQL queries to detect malicious activities in Sentinel and MDE logs.- Conduct proactive threat hunting by forming hypotheses and correlating data across M365 Defender, Sentinel, and other sources.- Use Sentinel Notebooks (Azure ML/Log Analytics) and Workbooks to visualize hunt data and share findings with stakeholders.- Leverage MDE Advanced Hunting for in-depth endpoint telemetry analysis.- Integrate threat hunting with the MITRE ATT&CK framework, mapping TTPs and identifying gaps in coverage.- Collaborate with L3 analysts and detection engineers to fine-tune existing analytics rules and hunting queries.- Create and manage Sentinel Playbooks (Logic Apps) to automate threat response and investigation workflows.- Support continuous improvement of the threat detection lifecycle by contributing to new detection use cases and threat models.- Assist in Purple Team exercises and post-incident retrospectives by contributing hunt-driven insights. Professional & Technical Skills: - 5+ years of experience in cyber threat hunting, SOC operations, or detection engineering.- Strong proficiency in Kusto Query Language (KQL) with hands-on experience in Microsoft Sentinel and MDE.- In-depth knowledge of endpoint, network, and cloud telemetry (especially Microsoft ecosystem).- Experience using Sentinel Workbooks, Notebooks, and custom analytics rule creation.- Practical experience in hypothesis-driven threat hunting and developing custom detection rules.- Familiarity with MITRE ATT&CK framework and its use in mapping attacker TTPs.- Hands-on experience with Sentinel automation workflows using Logic Apps.- Microsoft SC-200:Microsoft Security Operations Analyst- Microsoft SC-100:Microsoft Cybersecurity Architect- GIAC GCFA/GCIA/GCED (or equivalent)- AZ-500:Microsoft Azure Security Technologies- OSCP (for offensive knowledge is a plus) Additional Information:- The candidate should have minimum 5 years of experience in Security Information and Event Management (SIEM).- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education