85 Oscp Jobs - Page 4

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: 3+ years' experience implementing and performing Automotive Cybersecurity Knowledge of tools like CANoe, Wireshark, or Ghidra. Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. This position is based at our Bengaluru office A 15-year full-time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : Security Architecture Design Minimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As an Automotive Cybersecurity Specialist, you will support the implementation and validation of security measures across vehicle systems and embedded platforms. You will assist in penetration testing, contribute to threat analysis activities, and help ensure secure communication and firmware integrity in alignment with automotive cybersecurity standards. Roles & Responsibilities: Assist in the execution of penetration testing activities targeting ECUs, in-vehicle communication networks, and diagnostic services to identify common vulnerabilities and misconfigurations. Support the use of automotive security tools such as CANoe, Wireshark, Scapy, and basic fuzzing frameworks to simulate attacks and gather system responses for analysis. Collect and organize logs, analyze test outputs, and document findings to assist senior security engineers in remediation and tracking of identified issues. Execute validation of standard UDS diagnostic services, including support for testing access controls, session management, and secure diagnostic configurations. Participate in asset identification and support foundational threat modeling efforts, including contributing to risk assessments and mitigation tracking under guidance. Assist in documenting security design considerations and implementation steps in alignment with ISO/SAE 21434 and internal cybersecurity processes. Collaborate with cybersecurity, software, and validation teams to support the integration of security controls across vehicle platforms. Continuously learn and apply core concepts of automotive cybersecurity, including secure communication, ECU hardening, and regulatory standards like WP.29 and ISO 26262. Professional & Technical Skills: 5+ years of experience in embedded systems, automotive engineering, or related fields, with growing specialization in cybersecurity principles and practices. Familiarity with in-vehicle communication protocols including CAN, UDS, and DoIP, with hands-on exposure to using tools such as CANoe, Wireshark, and Scapy for traffic analysis and basic attack simulation. Foundational understanding of penetration testing methodologies, vulnerability identification, and the use of fuzzers to evaluate ECU communication robustness. Exposure to diagnostics security concepts, including secure diagnostic sessions, seed-key mechanisms, and access control layers for UDS services. Basic knowledge of cybersecurity frameworks and risk assessment methodologies such as STRIDE, HEAVENS, and ISO/SAE 21434. Experience contributing to documentation of test results, secure design inputs, and mitigation reports under guidance from senior cybersecurity engineers. Understanding of secure firmware update concepts and cryptographic basics, including symmetric/asymmetric encryption, HSM usage, and key management fundamentals. Experience working in Agile or V-model development environments, collaborating with cross-functional teams including validation, software, and systems engineering. Demonstrated eagerness to learn new cybersecurity tools, standards, and technologies relevant to modern connected vehicle platforms. Strong analytical skills and attention to detail, with the ability to follow structured testing and security validation procedures. Additional Information: 3+ years' experience implementing and performing Automotive Cybersecurity Knowledge of tools like CANoe, Wireshark, or Ghidra. Basic understanding of ISO 21434, seed/key security, OTA updates, and cryptographic modules. This position is based at our Bengaluru office A 15-year full-time education is required Good to have Certifications in ISO 21434, CISSP, CEH, OSCP, GICSP Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Product Security Good to have skills : NA Minimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :AI Red Teaming Expert – Adversarial ML, Threat Simulation, and AI Security StrategyWe are seeking a highly experienced and visionary AI Red Teaming Expert 12+ years of experience across cybersecurity and machine learning. This role is ideal for professionals who thrive in dynamic environments and possess a passion for securing cutting-edge AI/ML systems. You will lead red teaming operations, simulate adversarial threats, and guide the organization's AI security posture at strategic and technical levels. The ideal candidate demonstrates deep technical expertise, exceptional leadership, and a keen understanding of adversarial machine learning and risk mitigation frameworks. Roles & Responsibilities: Define and execute the AI red teaming strategy across the organization. Simulate realistic and advanced adversarial attacks against AI/ML systems aligned with business contexts. Review AI/ML system architecture to identify security gaps and advocate for secure design patterns. Establish internal standards and workflows for AI threat modeling, risk assessment, and adversarial testing. Stay ahead of evolving adversarial ML threats and guide the development of defensive strategies. Contribute to secure development practices for model deployment pipelines and lifecycle management. Lead and mentor a specialized team of AI security analysts and red teamers. Represent AI security strategy in executive forums and drive cross-functional alignment. Collaborate with engineering, data science, compliance, and legal stakeholders to integrate security into AI innovation cycles. Drive internal policy-making efforts around responsible and secure AI development practices. Own and lead remediation initiatives, translating findings into actionable improvements across teams. Professional & Technical Skills: Exceptional communication and leadership skills with the ability to convey technical issues to non-technical stakeholders. Proven experience managing high-impact security initiatives and leading diverse teams. Strategic thinker capable of aligning AI security objectives with business goals. Passionate about AI safety, responsible innovation, and emerging threat landscapes. Strong analytical and problem-solving skills in high-pressure environments. Hands-on expertise in red teaming AI/ML systems at scale. Strong understanding of adversarial ML techniques, threat simulation tools, and AI model manipulation tactics. Experience implementing and aligning with frameworks such as OWASP Top 10 for LLMs, ISO 42001, NIST AI RMF. Proficiency in AI/ML pipeline security, model risk evaluation, and secure MLOps practices. Familiarity with deep learning frameworks (e.g., TensorFlow, PyTorch) and their associated vulnerabilities. Demonstrated ability to design, execute, and scale red teaming programs in AI-native environments. Additional Information:Bachelor's or Master's degree in Computer Science, Information Security, Machine Learning, or related field.Recognized certifications such as CEH, OSCP, CISSP, or credentials specific to AI security (e.g., MITRE ATLAS experience) are a plus. 12+ years of experience spanning cybersecurity, AI/ML, and adversarial testing This position is based at our Bengaluru office A 15 years full time education is required. Qualification 15 years full time education

Dear Candidate, We are hiring an Application Security Developer to integrate security into software development. Ideal for developers who understand both coding and security risks. Key Responsibilities: Perform secure code reviews and static analysis Implement security features in web and mobile applications Collaborate with DevOps to automate security in CI/CD Conduct developer training on secure coding Required Skills & Qualifications: Experience with static/dynamic analysis tools (SonarQube, Checkmarx) Knowledge of web security standards (OWASP, CWE) Strong programming skills (Java, Python, JavaScript) Bonus: Familiarity with DevSecOps practices Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

Dear Candidate, We are hiring a Security Engineer to design and implement secure systems across cloud and application environments. Ideal for engineers excited about threat modeling and proactive defense. Key Responsibilities: Perform security assessments and code reviews Develop security policies and incident response procedures Implement security controls in cloud and on-prem environments Monitor for vulnerabilities and recommend mitigation Required Skills & Qualifications: Knowledge of OWASP Top 10, secure coding practices Experience with SIEM, IDS/IPS, and vulnerability scanners Familiarity with cloud security (AWS, Azure, GCP) Bonus: Certifications (CISSP, CEH, OSCP) Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Role & responsibilities Job Title: Senior Lead Engineer - Product Cyber Security Years Of Experience: 8-12 Years Role Overview: The Security Sr Lead Engineer/Tech Specialist works with product development teams across all regions globally to ensure commitment to the cyber security strategy of minimizing flaws and improving product resiliency to cyber-attacks by ensuring adherence to the integrated secure development lifecycle process, which embodies a secure-by-design defense in depth philosophy. You will be a strong technical expert in matters related to pentesting and cyber controls and will report to a team manager responsible for product architecture review and testing. This role is part of the Product Cyber team (under the Global DT Cyber team) which focuses on continuously improving the cyber posture of products that are often installed in customer's environments. On a typical day you will: Perform DAST, SAST & Pentest for different products Perform Threat Modeling and Architecture reviews for new products and design changes with existing products Handle Product Cyber Incident Response activities and Active contribution to Risk Management Work with product development teams towards secure DevOps activities and CI/CD integration issues with Security tools Work with product development teams and carry out functional cyber risk assessments to support their cyber requirements throughout the entire development cycle. Coordinate with quality and product development teams to periodically update cyber security design policies and ensure that these policies are incorporated into product design, with requirements for traceability and system validation and verification. Interface with global teams and share best practices and lessons learned Refine and support the standard work associated with product cyber security incident response management Work closely with the product testing teams to validate recommended security controls Continually enhance the capabilities of the Cyber security team: Identification of technology and methodology gaps Participation and leading technical and industry committees Creation of discipline health score card. Work in an environment of continuous improvement and lean process and product development. good to have knowledge in Agile methodologies. Stay updated on latest cyber security hacking news, technologies and methodologies including: The latest attack methodologies include penetration testing and red-team methodologies. Latest forensic and incident response methodologies. Attend security or hacker conferences and stay on the cutting edge What You Will Need to be Successful: Bachelor of Science/Engineering in cyber security, computer science or a related engineering discipline 8+ years of product cyber security engineering and software systems development experience; at least 4 years hands-on experience with penetration testing methodologies and tools. In depth knowledge of IEC 62443 and related cybersecurity standards. In-depth knowledge of requirements captures, cyber security threat modeling and systematic discovery of threats, as part of Secure Development Lifecycle, with broad understanding of potential vulnerabilities at different layers of hierarchical systems Cyber security certifications such as OSCP, GSEC, CEH Knowledge of state-of-the-art security analysis tools and various product cyber security safeguards. These include threat modeling, source code analysis, dynamic analysis, penetration testing and audit/compliance tools Excellent written and verbal communication and presentation skills. Adept at communicating with globally disperse cross functional teams. (Preferred) Strong knowledge in various cryptographic systems and requirements for authentication, authorization and encryption for various types of systems (Preferred) Intimate knowledge and experience with incident response management and risk assessment Preferred candidate profile

Job Description Minimum Qualifications 10+ years of experience in security engineering, detection engineering, or cloud security. Strong expertise in application security, API security, and SaaS-specific threat detection. Experience with SIEM, SOAR, and detection-as-code tools (e.g., Splunk, OpenSearch, KQL, Sigma). Proficiency in log analysis, security telemetry engineering, and anomaly detection in cloud applications. Experience integrating security controls into SaaS applications and microservices. Good programming and automation skills. Preferred Qualifications Experience with automated threat simulations, MITRE ATT&CK mappings, and adversary emulation. Knowledge of risk quantification methods and security metrics for executive reporting. Familiarity with cloud-native security tools. Hands-on experience in threat intelligence-driven detection engineering. Security certifications (e.g., GIAC GCDA/GCFA, AWS Security Specialty, GCP Security Engineer, OSCP). Career Level - IC5 Responsibilities 1. SaaS-Application Centric Detection Research & Engineering Develop and refine application-layer security detections for FAaaS, Spectra, and other critical LoBs, focusing on business logic abuse, API security threats, and identity-based attacks. Research and engineer detections for SaaS-specific attack vectors. Leverage detection-as-code frameworks (e.g., Sigma, OpenSearch, KQL) to automate the development and tuning of detection rules. Work closely with application security teams to enhance telemetry and ensure that security observability is embedded in SaaS products. 2. Proactive Security Controls & Mitigative Capabilities Move beyond traditional monitoring by implementing proactive security controls to mitigate threats before exploitation. Collaborate with development teams to integrate security controls into SaaS applications for real-time anomaly detection and automated response. Drive continuous security validation efforts through automated adversary simulation and detection effectiveness testing. 3. Cross-Team Integration & Real-Time Threat Intelligence Sharing Drive collaboration between Detection Engineering, Incident Response, and Red Teams by aligning detection research with real-world attack simulations and post-incident learnings. Develop automated feedback loops to reduce false positives, false negatives, and coverage gaps. Work with Incident Response to develop automated triage and enrichment mechanisms for SaaS security incidents. 4. Risk-Based Detection Engineering & Security Metrics Shift towards a risk-based detection approach, ensuring that high-impact threats are prioritized based on their potential financial and reputational consequences. Provide executive-level visibility into detection efficacy by quantifying the impact of mitigated threats and aligning detection efforts with business risk. Develop security dashboards and reporting to communicate detection outcomes, including risk coverage, adversary trends, and operational efficiency. 5. Proactive Threat Hunting & Data Anomaly Analysis Expand threat hunting and anomaly detection capabilities to identify previously unknown threats affecting SaaS customers and cloud applications. Utilize advanced data analytics and behavioral anomaly detection to identify stealthy attacks that evade traditional detection methods. Reduce reliance on SOC-driven escalations by proactively analyzing security telemetry for signs of compromise. Work closely with data scientists to enhance the use of ML/AI-driven security analytics for predictive threat detection. #LI-DNI

Job Description Design, develop, troubleshoot and debuSaaS Security Testing Services team is looking for Security Testing and Tools Engineers with various degree of experience in AppSec/Product Security field in Oracle India Development Center under the Oracle SaaS Cloud Security (SCS) organization. Oracle SaaS a.k.a. Oracle Cloud applications, built on machine learning, offer the most complete application suite with the best technology, enabling fast innovation with a modern UX and customer-first approach and one of the top strategic cloud services for Oracle. The SCS organization is responsible for securing enterprise-grade software services on behalf of our 25,000 customers, processing over 60 billion transactions per day. You will get the opportunity to join our efforts to reshape not only future of security testing and automation for Fusion App SaaS Services at Oracle but influence the security testing landscape across all the SaaS offerings. We are seeking hands-on, senior security analyst with the depth and breadth to evaluate complex web applications and technology stacks for security and build/code to address the security threats. You will have the opportunity to work in a cloud-scale environment using the latest security technologies/tools and collaborate with the best minds in the industry, to collectively stay ahead and respond to growing threats to cloud services. SaaS STS team will optimally engage in conducting white box/grey box application security testing - complementing what the development teams do in a more integrated and more coordinated setting through the security automation and tooling. SaaS STS team responsibilities will include implementation of Static Code Analysis, Dynamic App Security Testing/Fuzz Testing, Interactive / manual App security testing, facilitate automation of security verifications in CI/CD pipeline and evidence capturing for compliance audits. This position requires technical security knowledge and Cloud/DevSecOps or product development experience. Career Level - IC4 Responsibilities Job Requirements: MS or equivalent degree in computer science, or equivalent 6+ years of software engineering and technical leadership with proven results in software development, appsec and pen-testing Detailed exposure to web application pen test, forensics and intrusion handling The ideal candidate will have the following skills: Experience in product development or Security QA or penetration testing of Enterprise software, SaaS, IaaS or PaaS cloud services preferred Web application pen test, intrusion detection, vulnerability assessment Proficiency with Java, RESTful API, micro-services, Python. Experience in file system and operating system security analysis and attack vector detection Experience in database encryption methods and implementation, DB fuzzing and DB pen test Hands-on expertise on pen-testing of cloud applications and related infrastructure Understanding exploit mechanisms using CVEs for web services and microservices Should have worked on industry standard tools for security BURP, Web Inspect, Qualys, Nessus, REST API fuzzer, SAST tools etc. Ability to work in an agile and continuous software integration model. Security certifications like OSCP, LPT, ECSA, CISSP would be an added advantage Key Responsibilities You will work with Oracle Fusion Apps and other SaaS Services development teams to identify gaps in security testing and implement scalable solutions to improve security testing You will perform appsec and pen-testing of Oracle SaaS applications and infrastructure. You will implement automated security processes and security tooling in CI/CD pipeline. You will work with development teams and provide remediation mentorship to address any security findings You will evaluate and deploy new security tools and technologies to handle constantly evolving security threats landscape and support hyper-scale SaaS growth.

Conduct vulnerability assessments using industry-leading tools (e.g., Nessus, Tenable, Qualys). Develop and maintain vulnerability management processes, Analyze assessment results to identify and prioritize risks. Perform penetration testing.

Hi, We are looking to expand our Cyber Security Team. Job Location is Faridabad Role & responsibilities Cyber security and network security testing including operation of test equipment in accordance with Regulatory Standards and requirements. use his/her expertise and experience for testing, planning and report writing. Responsible for contributing to accomplishment of department goals and objectives. Full ownership of timely delivery of project. collaborate with cross-Functional teams. Stay up to date with emerging threats, vulnerabilities, testing tools, guidelines. Recommend best practices. Provide training to other team members as needed. Conduct multiple projects within tight deadlines. Testing report preparation and review. Participate in incident response activities as needed. Preferred candidate profile Graduate in computer Science/Information Technology/ Cyber Security. Must be CEH (EC Council). Highly motivated and certified in Ethical hacking and Network Security/Cyber Security. Expertise in penetration tests, vulnerability assessments and security audits on various computer systems, networks and applications to identify potential security risks and vulnerabilities. Strong knowledge of network protocols, operating systems, and security technologies. Experience with security tools such as Metasploit, Nessus, burp Suite and Wireshark. Also, OWASP top 10. Excellent analytical, problem-solving, and communication skills. Teamwork and management. Willingness to travel if required. Salary and benefits: Salary will be based on competency Other Benefits Medical and Accidental Insurance Transport facility (Nearest Metro station) Food facility 5 days/week Interested candidate please share your updated resume to nikita.singh@nemko.com or apply to this job here on naukri.com