1542 Penetration Testing Jobs - Page 25

Description & Requirements Job Description: Introduction: A Career at HARMAN Digital Transformation Solutions (DTS) We re a global, multi-disciplinary team that s putting the innovative power of technology to work and transforming tomorrow. At HARMAN DTS, you solve challenges by creating innovative solutions. Combine the physical and digital, making technology a more dynamic force to solve challenges and serve humanity s needs Work at the convergence of cross channel UX, cloud, insightful data, IoT and mobility Empower companies to create new digital business models, enter new markets, and improve customer experience. About the Role- Senior Penetration Tester with deep expertise in application security . The ideal candidate will be responsible for planning, executing, and documenting comprehensive penetration tests, including advanced manual testing techniques and contribute to strengthening our security posture by recommending practical solution principles and secure coding practices . What You Will Do Conduct comprehensive penetration tests on web/mobile/cloud applications, firmware, and hardware devices. Perform manual security testing beyond automated tools to uncover complex vulnerabilities. Analize systems and architecture to identify security risks and attack surfaces . Use industry-standard tools such as Metasploit, Burp Suite, Nmap, Wireshark, Nessus, and custom scripts for exploitation and reconnaissance. Simulate real-world attack scenarios to evaluate system resilience. Develop and present detailed reports with proof-of-concept (PoC) , risk assessments, and remediation guidance. Collaborate with development and DevOps teams to suggest secure coding practices and fix vulnerabilities at the root. Stay up to date with emerging threats, vulnerabilities, and industry trends. What You Need 8-10 years of hands-on experience in penetration testing (application and hardware). Strong knowledge of OWASP Top 10, SANS 25 , and common vulnerability patterns. Deep familiarity with exploit frameworks (e.g., Metasploit), reverse engineering , and hardware-level attack techniques (e.g., JTAG, UART, SPI). Experience analyzing and testing embedded systems, IoT devices, and network appliances. Ability to explain vulnerabilities to non-security stakeholders with clarity. Proven experience in crafting custom exploits or payloads . Solid understanding of secure development lifecycle (SDLC) and CI/CD pipeline integration. Certifications like OSCP, OSCE, GPEN, or similar are a strong plus. What is Nice to Have Knowledge of containerized environments. Familiarity with secure boot, firmware integrity , and hardware encryption modules . Contribution to bug bounty platforms or CVE submissions. What Makes You Eligible Any offer of employment is conditioned upon the successful completion of a background investigation and drug screen. Dedicated performer & team player with the ability to advocate appropriately for product quality. Relentless learner with a dedication to learn new technologies and test methods Self-driven and Innovative to drive continuous improvements in Test process Resourcefulness in triaging problems and coordinating with multiple teams for issue resolution Strong written, verbal communication and inter personal relationship skills You Belong Here HARMAN is committed to making every employee feel welcomed, valued, and empowered. No matter what role you play, we encourage you to share your ideas, voice your distinct perspective, and bring your whole self with you - all within a support-minded culture that celebrates what makes each of us unique. We also recognize that learning is a lifelong pursuit and want you to flourish. We proudly offer added opportunities for training, development, and continuing education, further empowering you to live the career you want. About HARMAN: Where Innovation Unleashes Next-Level Technology Ever since the 1920s, we ve been amplifying the sense of sound. Today, that legacy endures, with integrated technology platforms that make the world smarter, safer, and more connected. Across automotive, lifestyle, and digital transformation solutions, we create innovative technologies that turn ordinary moments into extraordinary experiences. Our renowned automotive and lifestyle solutions can be found everywhere, from the music we play in our cars and homes to venues that feature today s most sought-after performers, while our digital transformation solutions serve humanity by addressing the world s ever-evolving needs and demands. Marketing our award-winning portfolio under 16 iconic brands, such as JBL, Mark Levinson, and Revel, we set ourselves apart by exceeding the highest engineering and design standards for our customers, our partners and each other. Important Notice: Recruitment Scams Please be aware that HARMAN recruiters will always communicate with you from an @harman.com email address. We will never ask for payments, banking, credit card, personal financial information or access to your LinkedIn/email account during the screening, interview, or recruitment process. If you are asked for such information or receive communication from an email address not ending in @harman.com about a job with HARMAN, please cease communication immediately and report the incident to us through: harmancareers@harman.com. HARMAN is proud to be an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. Apply

Scientific Games: Scientific Games is the global leader in lottery games, sports betting and technology, and the partner of choice for government lotteries. From cutting-edge backend systems to exciting entertainment experiences and trailblazing retail and digital solutions, we elevate play every day. We push game designs to the next level and are pioneers in data analytics and iLottery. Built on a foundation of trusted partnerships, Scientific Games combines relentless innovation, legendary performance, and unwavering security to responsibly propel the global lottery industry ever forward. Position Summary Job Description Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Maintains hardware, software and network firewalls and encryption protocols. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Supervisory Responsibilities This position has no supervisory responsibilities. Job Level Description Works on short-term assignments that often require the application of independent judgment. Fully competent, career-level individual contributor. Qualifications Education Bachelors degree in related field. Years of Related Experience Years of experience 5 to 8 years Physical Requirements The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit, stand, walk, bend, use hands, operate a computer, and have specific vision abilities to include close and distance vision, and ability to adjust focus working with computer and business equipment. Work Conditions Scientific Games, LLC and its affiliates (collectively, SG ) are engaged in highly regulated gaming and lottery businesses. As a result, certain SG employees may, among other things, be required to obtain a gaming or other license(s), undergo background investigations or security checks, or meet certain standards dictated by law, regulation or contracts. In order to ensure SG complies with its regulatory and contractual commitments, as a condition to hiring and continuing to employ its employees, SG requires all of its employees to meet those requirements that are necessary to fulfill their individual roles. As a prerequisite to employment with SG (to the extent permitted by law), you shall be asked to consent to SG conducting a due diligence/background investigation on you. This job description should not be interpreted as all-inclusive; it is intended to identify major responsibilities and requirements of the job. The employee in this position may be requested to perform other job-related tasks and responsibilities than those stated above. SG is an Equal Opportunity Employer and does not discriminate against applicants due to race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. If you d like more information about your equal employment opportunity rights as an applicant under the law, please click here for EEOC Poster .

Scientific Games: Scientific Games is the global leader in lottery games, sports betting and technology, and the partner of choice for government lotteries. From cutting-edge backend systems to exciting entertainment experiences and trailblazing retail and digital solutions, we elevate play every day. We push game designs to the next level and are pioneers in data analytics and iLottery. Built on a foundation of trusted partnerships, Scientific Games combines relentless innovation, legendary performance, and unwavering security to responsibly propel the global lottery industry ever forward. Position Summary Job Description Information Security Analyst: Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Maintains hardware, software and network firewalls and encryption protocols. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems. Supervisory Responsibilities This position has no supervisory responsibilities. Job Level Description Works on defined tasks that sometimes require the application of independent judgment. Developing individual contributor. Qualifications Education Bachelors degree in related field. Years of Related Experience Years of experience 2 to 5 years Physical Requirements The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to sit, stand, walk, bend, use hands, operate a computer, and have specific vision abilities to include close and distance vision, and ability to adjust focus working with computer and business equipment. Work Conditions Scientific Games, LLC and its affiliates (collectively, SG ) are engaged in highly regulated gaming and lottery businesses. As a result, certain SG employees may, among other things, be required to obtain a gaming or other license(s), undergo background investigations or security checks, or meet certain standards dictated by law, regulation or contracts. In order to ensure SG complies with its regulatory and contractual commitments, as a condition to hiring and continuing to employ its employees, SG requires all of its employees to meet those requirements that are necessary to fulfill their individual roles. As a prerequisite to employment with SG (to the extent permitted by law), you shall be asked to consent to SG conducting a due diligence/background investigation on you. This job description should not be interpreted as all-inclusive; it is intended to identify major responsibilities and requirements of the job. The employee in this position may be requested to perform other job-related tasks and responsibilities than those stated above. SG is an Equal Opportunity Employer and does not discriminate against applicants due to race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class. If you d like more information about your equal employment opportunity rights as an applicant under the law, please click here for EEOC Poster .

Bravura’s Commitment and Mission At Bravura Solutions, collaboration, diversity and excellence matter. We value your ideas, giving you room to be curious and innovate in an exciting, fast-paced, and flexible environment. We look for many different skills and abilities, as well as how you can add value to Bravura and our culture. As a Global FinTech market leader and ASX listed company, Bravura is a trusted partner to over 350 leading financial services clients, delivering wealth management technology and products. We invest significantly in our technology hubs and innovation labs, which inspire and drive our creative, future-focused mindset. We take pride in developing cutting-edge, digital first technology solutions that support our clients to achieve financial security and prosperity for their customers. About The Role Bravura is a fast-moving finance technology company and managed service provider, supporting large financial services institutions across multiple jurisdictions. As a trusted data processor for our clients, security is at the core of what we do. Our business is evolving rapidly, and this is a unique role to help shape a growing information security function during a period of high-impact transformation. The Security Operations Analyst will support build out of our internal capability and partner closely with our outsourced SOC provider. This is a hybrid role combining incident response coordination, vulnerability management, and offensive security activities—including penetration testing support and remediation tracking. You’ll play a vital role in ensuring we meet both our internal security obligations and the high expectations of our financial services clients. What You’ll Do Act as the in-house lead for escalations from our third-party MDR/SOC, supporting triage, investigation, and coordination of incident response Support the vulnerability management programme such as scan scheduling, triage, risk prioritisation, and remediation tracking Coordinate internal and third-party penetration tests, supporting remediation efforts and reporting Ensure security operations support our obligations as a data processor and align with clients’ requirements Track and report on operational metrics and security KPIs Assist in developing and maintaining incident response playbooks and standard operating procedures Monitor the threat landscape to inform detection and response activities Support audits and client due diligence processes where required Unleash your potential To be successful in this role, your background and experience will include: 5+ years’ experience in a security operation, incident response, or SOC analyst role Experience working with (or within) an industry leading MDR/SOC provider Solid understanding of vulnerability management tools and risk-based remediation Familiarity with regulatory and client security expectations in financial services or highly regulated environments Knowledge of attack techniques and incident response frameworks (e.g. MITRE ATT&CK) Bonus: scripting/automation, cloud security experience (AWS/Azure), understanding of data protection principles Industry security certifications are a bonus. Working at Bravura Our people are the heart of our business. We work hard to provide a rich employee experience and a robust framework for ongoing career development. Competitive salary and employee benefits scheme. Flexible working hours, we value work-life balance. Maternity/ Parental (including secondary) leave policy. Cab facility available in Delhi/NCR. Meal facility available Free Medical Insurance So, what’s next? We make hiring decisions based on your experience, skills and passion so even if you don’t match every listed skill or tick all the boxes, we’d still love to hear from you. Please note that interviews are primarily conducted virtually and if you require any reasonable adjustments or would like to note which pronouns you use, please let us know. All final applicants for this position will be asked to consent to a criminal record and background check. Please note that people with criminal records are not automatically barred from applying for this position. Each application will be considered on its merits.

Role & responsibilities 1. Ability to conduct Vulnerability Assessments on systems, web applications, mobile applications and network devices. 2. Have basic knowledge of Penetration Testing & Exploitation. 3. Have Good Knowledge and experience of working on Application Level and Network Level Audit. 4. Should have the understanding of OWASP Top 10, SANS Top 25, NIST and other relevant framework. 5. Should have knowledge of server-side languages (any programming language). 6. Must be Familiar with Kali, Metasploit etc. 7. Should have good knowledge of Vulnerability Assessment tools - Application (Rational Appscan, Acunetix, Netsparker, Qualys, BurpSuit etc), Network (Nessus, Nexpose, NMap, OpenVAS etc.). Preferred candidate profile 1. B. Tech (CS/IT)/BCA/MCA/BSC/Diploma (No bar for deserving candidates). 2. CEH is mandatory. CHFI, OSCP, ECSA, ISO27k LA, etc. will be an added advantage. 3. Must have Good Communication skills. 4. Must be Passionate about information security.

Dear Candidate, We are hiring an engineer focused on API security to protect data and ensure secure service interaction. Key Responsibilities: Perform API threat modeling. Implement rate limiting, token validation, and encryption. Conduct audits and penetration tests. Required Skills & Qualifications: Familiarity with OAuth2, OpenID, mTLS. Hands-on with API gateways and security tools. Strong knowledge of secure coding principles. Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Reddy Delivery Manager Integra Technologies

The candidate needs to have the following profile / experience: Experience with reverse engineering tools and techniques: Debuggers, decompilers, disassemblers, deobfuscators Static and dynamic binary analysis, binary injection Packet sniffers Solid knowledge and experience in ARM architecture exploitation. Solid experience in platform security, good understanding of OS internals & security features, bypassing SELinux controls, attacking secure boot sequence. Good C/assembly development skills Good understanding of security architecture of Linux, Android/iOS OS Good knowledge of networking protocols, Cryptography (RSA, SHA, AES, ), trusted execution environment, hardware security, etc. Experience in identifying vulnerabilities by source code analysis. Good writing skills to provide clear vulnerability reports and assist the developer to fix the vulnerabilities. Conduct penetration tests on web applications, mobile applications, and embedded systems to identify security vulnerabilities. Experience in the following topics is desirable: Anti-tamper tools and techniques Hardware attack vectors Malware analysis Networking protocols Roles and Responsibilities Activities are expected to be executed by the new team member, Own the project from the beginning to the end – scope clarification with the customer, test plan creation and effort estimations, execution according to the plan, reporting to the customer and follow-up on validation of the fixes Hands on security testing/reverse engineering (black/grey/white box depending on the project) Perform vulnerability research on a variety of Sony’s embedded devices (mostly ARM based) and windows-based products to identify previously unknown vulnerabilities affecting Sony products Perform security source code review (mainly C/C++) Development of security assessment tools and PoCs for the identified vulnerabilities Writing clear vulnerability reports and provide guidance to the development teams on fixing the security issues Documentation of knowledge and findings in the form of guidelines, checklists and examples to be used by development teams Being able to create and deliver demos advertising offensive security capabilities of the team to different audience

Responsibilities: Conduct comprehensive security assessments, including network penetration testing and vulnerability analysis, to identify security gaps in critical systems. Complete the projects within budgeted efforts and deliver high quality reports. Gain in-depth knowledge and understanding of enterprise networks Be involved in network architecture understanding, threat identification, vulnerability identification and control analysis. Be proactive in project planning and execution. Perform likelihood determination, impact analysis and risk determination. Showcase prioritization of risks including solution recommendation and documentation Identify and infer the business risk posed by the weaknesses identified during the assessments Engage with both business and technical teams within and outside the organization from a project scope definition, project execution, project closure perspectives Open for onsite deployments anywhere across the world as business demands Required Skills Expertise in network penetration testing. Expertise in configuration audit or vulnerability assessment of multiple OS and Network Device platforms Ability to handle difficult situations and to provide alternative solutions or workarounds Flexible and creative in helping to find acceptable solutions for customers Good communication and writing skills with the ability to talk to both businesspeople and technical people. Good to have Skills Experience with Wireless Penetration Testing, Firewall Rulebase Review. Experience with Network Architecture Review and Firewall Rule-base Audit Experience with testing different types of networks including VOIP, GSM, etc. Security certifications such as CRT, OSCP, ECSA, etc. Knowledge of Cryptography (symmetric and asymmetric encryption, PKI, etc.) Ability to work on multiple complex assignments simultaneously Ability to work independently with minimal oversight or in teams Knowledge of different standards such as PCI DSS, HIPAA, ISO, etc. #Eviden

Pen Tester - - - - - - - - - - - - Key Responsibilities The primary responsibility of this role will be to be part of the Blue team, in addition to fulfilling the penetration testing role. 1. Penetration Testing (Pentest) Conduct "security tests" on applications and systems in compliance with ethical standards and recognized methods. Evaluate vulnerabilities and assess their exploitability within the IT ecosystem. 2. Red Team Operations Actively participate in Red Team missions commissioned by the Group Security Team. Simulate real-world attack scenarios to assess defenses and identify improvement areas. 3. Threat Hunting Detect vulnerabilities across the IT landscape and ensure appropriate ticket creation and resolution. Continuously identify exploitable bugs and proactively address them. 4. Development Develop internal tools (scripts, software, APIs, web services) to enhance operational efficiency. Automate repetitive tasks and improve existing workflows using custom scripts or software solutions. 5. Security Expertise Provide security consultancy to various projects, supporting internal development teams with vulnerability remediation. Offer expertise on web technologies, Active Directory/Windows environments, and network systems security. 6. Collaboration and Coordination Collaborate with Global Security teams to deliver training, coaching, and best practices. Foster a culture of continuous improvement and proactive defense across teams. Desired Profile Technical Skills: Penetration Testing Expertise : Hands-on experience with HackTheBox , TryHackMe , or similar platforms. Experience managing Bug Bounty Programs as an Ethical Hacker using relevant tools. Proficiency in Burp Suite and IDA Pro (for reversing). Strong PowerShell scripting and general scripting capabilities. Web Development & Security : Understanding of web application development and deployment to simulate attacker perspectives. Expertise in penetration tests on web technologies , Active Directory/Windows environments , and networks . Familiarity with intrusion tests on industrial control systems is a plus. Programming & Scripting : Proficiency in languages such as Python , Java , Shell scripting , .NET , and PowerShell . Development experience for building tools, automation scripts, or utilities to improve security testing workflows. Network & System Security : Deep understanding of network security principles and systems security. Ability to detect and mitigate vulnerabilities effectively. Personal Attributes: Initiative and Autonomy : Ability to work independently with minimal supervision. Curiosity and Innovation : Strong curiosity to explore vulnerabilities and exploit potential bugs. Collaboration : Adept at working in cross-functional, international teams and different time zones. Communication Skills : Strong ability to articulate technical concepts to stakeholders effectively. Preferred Experience Experience : 10-12 years in cybersecurity roles with a strong focus on penetration testing, threat hunting, and tool development. Certifications : Relevant certifications like OSCP, CEH, GIAC, or similar credentials are preferred. Hands-On Exposure : Experience with web application and AD/Windows environment penetration tests and network intrusion detection.

Remote: This is a remote position, so you ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings. Join our team... Join our team at GoDaddy, the largest services platform for entrepreneurs worldwide. We empower over 21 million customers globally by providing essential tools and assistance to help them thrive online. GoDaddy s Product Security is looking for a Senior Security Engineer to join our organization. Do you want to be an information security leader at GoDaddy? We work out large-scale and cross-company security challenges while ensuring that partnership with the development and operational communities remains front of mind. At GoDaddy, Security Engineers apply their strong hands-on technical skills to craft scalable solutions for multiplex problems. You must be able to fluently communicate with GoDaddy Engineering teams, perform security assessments, prioritize security risks, and design. We as a team implement high-quality security engineering solutions. Expertise in application security, architecture reviews, threat modelling, code reviews and exposure to JS/python scripting is a must. What youll get to do... Identify security threats in applications and infrastructure and provide remediation mentorship to system owners by performing security certifications/review. Drive Security certification activities like architecture reviews, threat modeling, source code reviews, penetration testing, cloud security audit etc. Build tools to automate repeatable/reusable security processes and frameworks. Promote secure by design and secure by default development strategies. To own and drive the resolution of different security events, policy questions, and technical security risks. Support the security risk acceptance and exception processes, when required. Your experience should include... 10+ years of security engineering experience with expertise in Secure Development Lifecycle. Problem-solver with excellent interpersonal skills, and a deep technical understanding of security engineering. Required scripting skills in JS/Python. Experience in manual code reviews to assess consistency to secure coding standards, and compliance with project security requirements. Applying tooling to perform static code analysis and identifying security vulnerabilities. You might also have... Experience in developing software applications or security automation tools. DevSecOps experience with a focus on integrating SAST tools with the CI/CD pipeline. Weve got your back... We offer a range of total rewards that may include paid time off, retirement savings (e.g., 401k, pension schemes), bonus/incentive eligibility, equity grants, participation in our employee stock purchase plan, competitive health benefits, and other family-friendly benefits including parental leave. GoDaddy s benefits vary based on individual role and location and can be reviewed in more detail during the interview process.

Location: Noida, India Thales people architect identity management and data protection solutions at the heart of digital security. Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more. More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure. Summary: We are seeking an experienced and certified in OSCP & ISA 62443 OT Cybersecurity professional to join our team. This role will be responsible for ensuring the security of operational technology (OT) systems and networks, including industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems. The successful candidate will possess strong offensive security skills, including penetration testing, vulnerability assessment, risk assessment and security awareness training, and be able to translate their expertise into practical security solutions within the OT environment. Must Have: Holding a valid OSCP (Offensive Security Certified Professional) certification. Holding a valid ISA/IEC 62443 certification issued by ISA. Skills and Experience : Bachelor s degree in computer science, Information security or a related field. Demonstrated experience in offensive security, penetration testing, and vulnerability assessment. Strong understanding of OT systems, networks, and industrial control systems (ICS). Strong knowledge of relevant security standards and regulations, such as NIST, ISO 27001, and IEC 62443. Experience with common penetration testing tools and methodologies. Good knowledge of ICS protocols like, modbus, zigbee, Ethercat, IEC 104, OpenADR, etc. Experience of creating secure and resilient OT/ICS architectures in water utility, Oil & Gas, or power domain. Ability to communicate technical information clearly and concisely to both technical and non-technical audiences. Excellent problem-solving and analytical skills. Ability to work autonomously and as part of a team. Hands experience of pen test tools like - Plcscan, Modscan, Kali Linux, Wireshark, Burp Suite, Nmap, Metasploit, ZAP, etc. Responsibilities Conduct comprehensive vulnerability assessments and penetration testing of OT systems and networks. Develop and implement security policies, procedures, and best practices specific to OT environments. Assist in the development and implementation of security solutions for OT systems, including firewalls, intrusion detection systems, and other security controls. Support incident response efforts within OT environments, including detection, containment, and eradication of security incidents. Collaborate with IT security teams and OT operations personnel to ensure a secure and resilient OT environment. Design and implement network segmentation, robust access controls, and advanced intrusion detection/prevention systems, fortifying the infrastructure against potential intrusions and attacks. Stay informed about emerging threats and vulnerabilities in the OT landscape. Document security findings and provide recommendations for remediation. Contribute to the development and maintenance of the organizations security program. Perform security compliance assessment against different parts of IEC 62443 standards. Conduct comprehensive risk analysis of OT systems and networks.

Pen Tester Key Responsibilities The primary responsibility of this role will be to be part of the Blue team, in addition to fulfilling the penetration testing role. 1. Penetration Testing (Pentest) Conduct "security tests" on applications and systems in compliance with ethical standards and recognized methods. Evaluate vulnerabilities and assess their exploitability within the IT ecosystem. 2. Red Team Operations Actively participate in Red Team missions commissioned by the Group Security Team. Simulate real-world attack scenarios to assess defenses and identify improvement areas. 3. Threat Hunting Detect vulnerabilities across the IT landscape and ensure appropriate ticket creation and resolution. Continuously identify exploitable bugs and proactively address them. 4. Development Develop internal tools (scripts, software, APIs, web services) to enhance operational efficiency. Automate repetitive tasks and improve existing workflows using custom scripts or software solutions. 5. Security Expertise Provide security consultancy to various projects, supporting internal development teams with vulnerability remediation. Offer expertise on web technologies, Active Directory/Windows environments, and network systems security. 6. Collaboration and Coordination Collaborate with Global Security teams to deliver training, coaching, and best practices. Foster a culture of continuous improvement and proactive defense across teams. Desired Profile Technical Skills: Penetration Testing Expertise : Hands-on experience with HackTheBox , TryHackMe , or similar platforms. Experience managing Bug Bounty Programs as an Ethical Hacker using relevant tools. Proficiency in Burp Suite and IDA Pro (for reversing). Strong PowerShell scripting and general scripting capabilities. Web Development & Security : Understanding of web application development and deployment to simulate attacker perspectives. Expertise in penetration tests on web technologies , Active Directory/Windows environments , and networks . Familiarity with intrusion tests on industrial control systems is a plus. Programming & Scripting : Proficiency in languages such as Python , Java , Shell scripting , .NET , and PowerShell . Development experience for building tools, automation scripts, or utilities to improve security testing workflows. Network & System Security : Deep understanding of network security principles and systems security. Ability to detect and mitigate vulnerabilities effectively. Personal Attributes: Initiative and Autonomy : Ability to work independently with minimal supervision. Curiosity and Innovation : Strong curiosity to explore vulnerabilities and exploit potential bugs. Collaboration : Adept at working in cross-functional, international teams and different time zones. Communication Skills : Strong ability to articulate technical concepts to stakeholders effectively. Preferred Experience Experience : 10-12 years in cybersecurity roles with a strong focus on penetration testing, threat hunting, and tool development. Certifications : Relevant certifications like OSCP, CEH, GIAC, or similar credentials are preferred. Hands-On Exposure : Experience with web application and AD/Windows environment penetration tests and network intrusion detection.

[{"Salary":null , "Posting_Title":"Trainer - Cyber Security" , "Is_Locked":false , "City":"Gadchiroli" , "Industry":"NGO / Social Services","Job_Description":" Handling students virtually and training and developing skills to be job ready for cybersecurity space. Provide cyber training at an intermediate level for software Engineering/Software development personnel. Preparing Study materials for training students via a variety of training methods for improving training deliveries. Handling student queries effectively and efficiently. Maintain training related to MIS (attendance, feedback forms evaluation scores and certificate issued). Conduct training sessions on cybersecurity fundamentals, ethical hacking, network security, malware analysis, and related topics. Stay updated with the latest cybersecurity trends, threats, and best practices. Conduct workshops and awareness sessions on cybersecurity Requirements Bachelor/Master degree in Cyber Security, Information Technology Computer Science, or a related field. Strong understanding of cybersecurity principles, network security, ethical hacking, firewalls, and intrusion detection systems. Hands-on experience with security tools, penetration testing, and vulnerability assessments. Good communication, presentation, and training skills. Prior experience in training, mentoring, or teaching is an added advantage.

Educational Bachelor of Engineering,Master Of Engineering Service Line Cyber Security Responsibilities Approx 5 years' experience as a Security Architect Bachelor's degree in information technology, security, or similar Experience in providing security architecture support to a large development organization Information security credentials such as IGP, CISSP or similar Well versed in cloud security on a generic level as well as AWSSecondary Skills: SAST and DASTSolid diplomatic and communication skills in EnglishThe candidate will primary work with security assessments and as part of that also be able to provide guidance on how to close security gaps The candidate will also be part of "shift left" for assessments to automate and minimize the manyal work involved It is also expected that the candidate will assist in creating an assessment " factory" with a streamlined process for approaching assessments Preferred Skills: Technology-Enterprise Architecture-Data / Information Architecture

We are looking forward to hire Penetration Testing - Web Professionals in the following areas : : Experience required: 4-6 years Security Vulnerability Assessment based on the OWASP security standard. Web penetration testing API penetration testing Mobile Pen testing Assess the criticality of the vulnerability based on the CVSS scoring and prepare the report Security Vulnerability Assessment: Strong Knowledge on the manual pen testing tools and activities; Ability to assess the application security by understanding the business and assess the criticality. Level Extensive Experience: In-depth understanding of API security and vulnerabilities, with hands-on experience in testing and securing RESTful and SOAP-based APIs. In depth knowledge on web penetration testing Knowledge on Android and IOS penetration testing. Proven experience in exploiting vulnerabilities across web applications, with the ability to demonstrate and escalate critical security flaws. Knowledge on Bugbounty Extensive experience with Burp Suite and its various extenders for advanced vulnerability scanning, manual testing, and exploitation. Proficient in using Postman for API testing and security validation. Desirable Certifications and Qualifications: Burp Suite Certified or equivalent professional certification OSWA (Offensive Security Web Assessor), OSWE (Offensive Security Web Expert), HTB Application Security Expert, or EWPTx (INE) certification Our Hyperlearning workplace is grounded upon four principles Flexible work arrangements, Free spirit, and emotional positivity Agile self-determination, trust, transparency, and open collaboration All Support needed for the realization of business goals, Stable employment with a great atmosphere and ethical corporate culture

Position: VAPT Engineer Reporting to: Platform Lead Infrastructure Security Employment Type : Employee - Full Time Work Location: Guwahati Key Focus area : Infrastructure Penetration Tester Employment Type : Employee - Full Time Work Location: Guwahati Key Responsibilities : Identification and remediation of new vulnerabilities and risk analysis for Infrastructure is a key responsibility. Identifying and maintaining Key metrics and SLA on Infrastructure Security. Ensure that vulnerability assessments are performed to evaluate effectiveness of security controls in applications, middleware, databases, network and operating systems. Thorough experience in configurations reviews against CIS benchmarks and security standards. Ensure all Hardening and Patching activities are conducted and tracked as per defined policies. Create/Update hardening documents and build audit file for automated testing. Knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities. Conduct security penetration testing to identify vulnerabilities and potential security risks along with designing and implement security solutions to protect enterprise systems, applications, data, assets, and people. Collaborate with cross-functional teams to ensure security measures are integrated into all aspects of the organization's operations. Perform Internal/ External Penetration Testing on Jio Infrastructure and producing reports with recommendations for detailed penetration testing findings. Sound understanding of Azure/GCP/AWS environment activities and Perform Vulnerability Assessment & Penetration Testing for networks (internal & external), applications, APIs & cloud assets along with Red & Purple Team assessments. Safeguarding information, infrastructures, applications, and business processes against cyber threats. Proactively create, share, and read reports as part of the penetration testing activities. Responsible for utilizing threat intelligence to identify new threats in our environment, coordinating with stakeholders to remediate identified vulnerabilities, and ensuring closure through thorough cross-validation. Qualification and Work Experience Qualification : BE / BTech (Similar Education Background) Work experience : 7-15 Years 7+ years of experience in Infrastructure Penetration Testing and Vulnerability Management including practical experience with Linux and Windows operating systems. Thorough understanding of Application and Infrastructure Architectures, and related vulnerabilities. Ability to interpret and prioritize vulnerability scan results into remediation actions and tracking those actions through to completion Working knowledge of ORACLE DB, MS SQL DB, MYSQL DB & Network Devices is required. Ability to analyse vulnerabilities to appropriately characterize threats and provide remediation advice. Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE). Extensive experience in vulnerability management, including the ability to forecast potential threats and develop proactive mitigation plans. Hands on experience in testing diverse infra components including various enterprise platforms such as private clouds, OpenShift infra, dockers/container infra etc. The candidate should be able to perform manual & automated penetration testing for internal, external perimeter, web applications, IT infrastructure, end-points, cloud etc. using hacking tools; e.g. Nuclei, Acunetix, BURP, Wireshark, Nmap, netcat, Firebug, Nessus, Kali OS, Parrot, Metasploit, Aircrack-ng. Preferred: Security related professional certification (e.g. CEH, CPENT, OSCP, OSCE, OSWE, GPEN, GWAPT or similar certifications) Preferred: Script writing skills (Python/Ruby/bash/PowerShell). Experience with security standards and frameworks such as ISO 27001, NIST, and PCI DSS. Preferred: Security solutions technologies such as IPS, firewalls, endpoint protection, web/email filtering, DLP, Digital rights management, encryption, SEIM, and virtualization platforms. Expertise in performing grey box/Black box testing. Experience devising methods to automate testing activities and streamline testing processes. Proven ability to develop and test Proof of Concept (PoC) exploits as part of vulnerability assessment and penetration testing exercises. Competencies /Expertise Required (Functional & Behavioral) Systematic strong analytical thinking and problem-solving skills. Excellent in analytical thinking for translating data into informative visuals and reports. Adaptable to change. Quick Learner Open learn and work on new technologies and products If you're interested, please share below mention details for the same. Location Preferred location Current Co Experience Current CTC Expected CTC Notice Period Offer in Hand Highest Education SSC % HSC % Graduation % University Name Regards, Ashwini Chakor

Key Responsibilities: Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Experience in Web and Mobile Application Security Testing, Vulnerability Assessment and Penetration testing Analyze scan reports and suggest remediation / mitigation plan for security vulnerabilities Should be aware of tools like Qualys, HP Fortify, IBM Appscan, Burpsuite, Kali Linux suite of tools Expertise in mobile apps reverse engineering and in-depth knowledge of Android and iOS ecosystems. Knowledge of industry standard tools for mobile pentest. Thorough understanding of OWASP Top 10 vulnerabilities and their mitigations. Knowledge of Network Security technology in areas of Firewall, IPS, VPN, Gateway security solutions (proxy, web filtering) Conduct penetration test and launch exploits using Nessus, Metaspoilt, kali linux penetration testing distribution tools sets Conduct Vulnerability Assessments of Network Devices using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption. In-depth understanding on Common Vulnerability Exposure (CVE)/ CERT advisory database. Broad background of networks, operating systems (Window, Unix, Linux), firewalls and security engineering concepts. Knowledge of scripting languages (Perl, Python, Shell etc) will be added advantage Knowledge of Open-Source Security Testing Methodology Manual (OSSTMM)

Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What Ill be doing your accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelors degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED.

What youll be doing your accountabilities Leading a squad of skilled cyber security practitioners delivering new security controls and enhancements. Ensuring that delivery work is aligned with strategy and feeding outcomes and learning back into strategy. Developing Agile business cases in conjunction with key stakeholders. Prioritising squad work to deliver the greatest impact for the investment. Mobilising and overseeing end-to-end delivery of epics (from concept to closure). Ensuring that all required policies and procedures are complied with. Setting up and maintaining accurate epic financial forecasting and tracking glide-path to budget. Risk/issue and management. Managing change. Working across BT Group ensuring that deliveries of changes/risk controls are embedded in the operational organisation Working across BT Group ensuring that the operational effectiveness of delivered changes/risk controls are measured. Working across BT Group ensuring that benefits are realised and measured. Providing reporting to Security Portfolio Board (stakeholders up to BT CISO and BT CIO) and Security governance forums e.g. Security Council, Security Forum. Experience youd be expected to have MANDATORY 5+ years demonstrable experience of successfully leading complex, high value deliveries in an IT domain Excellent communication skills Strong stakeholder management skills Self-starter and able to manage time effectively Able to work accurately with numbers and data In receipt of formal training in Agile methodologies and can apply the knowledge to specific circumstances (accreditation doesnt need to be current) Demonstrable experience of successfully using Agile methodologies for delivery PREFERRED Degree or equivalent qualification/experience Experience leading complex cyber security deliveries Knowledge and experience of cyber assessment frame works Knowledge and experience of cyber risk management Experience of managing a significant budget in excess of 1m

Role Proficiency: Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution and/or provide mentorship (Hierarchical or Lateral) to junior associates Outcomes: 1) Update SOP with updated troubleshooting instructions and process changes2) Mentor new team members in understanding customer infrastructure and processes3) Perform analysis for driving incident reduction4) Escalate high priority incidents to customer and organization stakeholders for quicker resolution5) Contribute to planning and successful migration of platforms 6) Resolve enterprise trouble tickets within agreed SLA and raise problem tickets for permanent resolution7) Provide inputs for root cause analysis after major incidents to define preventive and corrective actions Measures of Outcomes: 1) SLA Adherence2) Time bound resolution of elevated tickets - OLA3) Manage ticket backlog timelines - OLA4) Adhere to defined process - Number of NCs in internal/external Audits5) Number of KB articles created6) Number of incidents and change ticket handled 7) Number of elevated tickets resolved8) Number of successful change tickets9) % Completion of all mandatory training requirements Outputs Expected: Resolution: Understand Priority and Severity based on ITIL practice resolve trouble ticket within agreed resolution SLA Execute change control tickets as documented in implementation plan Troubleshooting: Troubleshooting based on available information from previous tickets or consulting with seniors Participate in online knowledge forums reference. Covert the new steps to KB article Perform logical/analytical troubleshooting Escalation/Elevation: Escalate within organization/customer peer in case of resolution delay. Understand OLA between delivery layers (L1 L2 L3 etc) adhere to OLA. Elevate to next level work on elevated tickets from L1 Tickets Backlog/Resolution: Follow up on tickets based on agreed timelines manage ticket backlogs/last activity as per defined process. Resolve incidents and SRs within agreed timelines. Execute change tickets for infrastructure Installation: Install and configure tools software and patches Runbook/KB: Update KB with new findings Document and record troubleshooting steps as knowledge base Collaboration: Collaborate with different towers of delivery for ticket resolution (within SLA resolve L1 tickets with help from respective tower. Collaborate with other team members for timely resolution of tickets. Actively participate in team/organization-wide initiatives. Co-ordinate with UST ISMS teams for resolving connectivity related issues. Stakeholder Management: Lead the customer calls and vendor calls. Organize meeting with different stake holders. Take ownership for function's internal communications and related change management. Strategic: Define the strategy on data management policy management and data retention management. Support definition of the IT strategy for the function's relevant scope and be accountable for ensuring the strategy is tracked benchmarked and updated for the area owned. Process Adherence: Thorough understanding of organization and customer defined process. Suggest process improvements and CSI ideas. Adhere to organization' s policies and business conduct. Process/efficiency Improvement: Proactively identify opportunities to increase service levels and mitigate any issues in service delivery within the function or across functions. Take accountability for overall productivity efforts within the function including coordination of function specific tasks and close collaboration with Finance. Process Implementation: Coordinate and monitor IT process implementation within the function Compliance: Support information governance activities and audit preparations within the function. Act as a function SPOC for IT audits in local sites (incl. preparation interface to local organization mitigation of findings etc.) and work closely with ISRM (Information Security Risk Management). Coordinate overall objective setting preparation and facilitate process in order to achieve consistent objective setting in function Job Description. Coordination Support for CSI across all services in CIS and beyond. Training: On time completion of all mandatory training requirements of organization and customer. Provide On floor training and one to one mentorship for new joiners. Complete certification of respective career paths. Performance Management: Update FAST Goals in NorthStar track report and seek continues feedback from peers and manager. Set goals for team members and mentees and provide feedback Assist new team members to understand the customer environment Skill Examples: 1) Good communication skills (Written verbal and email etiquette) to interact with different teams and customers. 2) Modify / Create runbooks based on suggested changes from juniors or newly identified steps3) Ability to work on an elevated server ticket and solve4) Networking:a. Trouble shooting skills in static and Dynamic routing protocolsb. Should be capable of running netflow analyzers in different product lines5) Server:a. Skills in installing and configuring active directory DNS DHCP DFS IIS patch managementb. Excellent troubleshooting skills in various technologies like AD replication DNS issues etc.c. Skills in managing high availability solutions like failover clustering Vmware clustering etc.6) Storage and Back up:a. Ability to give recommendations to customers. Perform Storage & backup enhancements. Perform change management.b. Skilled in in core fabric technology Storage design and implementation. Hands on experience on backup and storage Command Line Interfacesc. Perform Hardware upgrades firmware upgrades Vulnerability remediation storage and backup commissioning and de-commissioning replication setup and management.d. Skilled in server Network and virtualization technologies. Integration of virtualization storage and backup technologiese. Review the technical diagrams architecture diagrams and modify the SOP and documentations based on business requirements.f. Ability to perform the ITSM functions for storage & backup team and review the quality of ITSM process followed by the team.7) Cloud:a. Skilled in any one of the cloud technologies - AWS Azure GCP.8) Tools:a. Skilled in administration and configuration of monitoring tools like CA UIM SCOM Solarwinds Nagios ServiceNow etcb. Skilled in SQL scriptingc. Skilled in building Custom Reports on Availability and performance of IT infrastructure building based on the customer requirements9) Monitoring:a. Skills in monitoring of infrastructure and application components10) Database:a. Data modeling and database design Database schema creation and managementb. Identify the data integrity violations so that only accurate and appropriate data is entered and maintained.c. Backup and recoveryd. Web-specific tech expertise for e-Biz Cloud etc. Examples of this type of technology include XML CGI Java Ruby firewalls SSL and so on.e. Migrating database instances to new hardware and new versions of software from on premise to cloud based databases and vice versa.11) Quality Analysis: a. Ability to drive service excellence and continuous improvement within the framework defined by IT Operations Knowledge Examples: 1) Good understanding of customer infrastructure and related CIs. 2) ITIL Foundation certification3) Thorough hardware knowledge 4) Basic understanding of capacity planning5) Basic understanding of storage and backup6) Networking:a. Hands-on experience in Routers and switches and Firewallsb. Should have minimum knowledge and hands-on with BGPc. Good understanding in Load balancers and WAN optimizersd. Advance back and restore knowledge in backup tools7) Server:a. Basic to intermediate powershell / BASH/Python scripting knowledge and demonstrated experience in script based tasksb. Knowledge of AD group policy management group policy tools and troubleshooting GPO sc. Basic AD object creation DNS concepts DHCP DFSd. Knowledge with tools like SCCM SCOM administration8) Storage and Backup:a. Subject Matter Expert in any of the Storage & Backup technology9) Tools:a. Proficient in the understanding and troubleshooting of Windows and Linux family of operating systems10) Monitoring:a. Strong knowledge in ITIL process and functions11) Database:a. Knowledge in general database management b. Knowledge in OS System and networking skills Additional Comments: Job Title: Threat Hunter | VAPT Analyst Role Overview: We are seeking a versatile cybersecurity professional who will serve as a Threat Hunter, and VAPT Analyst, responsible for proactively identifying cyber threats, assessing security vulnerabilities, and mitigating email-based attacks. This role requires expertise in threat hunting, and penetration testing, combining advanced technical skills with strong analytical capabilities. The ideal candidate will play a pivotal role in strengthening the organization's cybersecurity posture. Responsibilities: Threat Hunting - Proactively hunt for undetected threats within the organization's networks, systems, and endpoints using threat intelligence and behavioral analysis. - Identify patterns, TTPs (Tactics, Techniques, and Procedures), and anomalies that indicate potential threats or APT activity. - Leverage threat intelligence feeds and MITRE ATT&CK framework to create detection use cases and hypotheses. - Work closely with SOC teams to improve detection rules and accuracy. - Perform forensic investigations and root cause analysis of incidents and suspicious activities. - Develop custom scripts and queries to automate hunting activities (e.g., with EDR, SIEM, XDR tools). - Generate threat hunting reports, indicators of compromise (IOCs), and actionable recommendations. Vulnerability Assessment and Penetration Testing (VAPT) - Conduct vulnerability assessments and penetration tests on systems, applications, and networks. - Identify and analyze critical vulnerabilities, and deliver detailed, actionable reports. - Use automated tools (e.g., Nessus, Burp Suite, Nmap, Metasploit) and manual testing techniques. - Ensure VAPT processes align with compliance and internal policies. - Perform regular and ad-hoc assessments, including web apps, databases, wireless, and APIs. - Provide recommendations for remediation and validate fixes through re-testing. - Maintain up-to-date knowledge of evolving vulnerabilities and attack methods. Qualifications: - Bachelor's degree in Computer Science, Information Security, or related discipline. - 5+ years of experience in a cybersecurity role encompassing threat hunting, and VAPT. - Expertise in VAPT tools and methodologies (e.g., Nessus, Burp Suite, Metasploit, OWASP Top 10). - Strong experience with SIEMs, EDR platforms, threat intel, and threat hunting frameworks (MITRE ATT&CK). - Proficiency in scripting (Python, PowerShell, Bash) for automation and analysis. - Excellent problem-solving, investigative, and reporting skills. - Strong communication and interpersonal skills. - Certifications such as OSCP, CEH, GIAC (GCIH/GPEN/GWAPT), CISSP, or CESM are highly preferred. Required Skills Soc,TTP,Troubleshooting

!!Hiring for CMM5 Level Organization!!Collaborate with IT security teams to develop and implement effective security policies and procedures, SOP and supporting documents.Create and deliver cyber security awareness training programs Required Candidate profile Designation: Cyber Security awareness Experience:6 Month to 1 Year Location:Ghansoli Qualification:Graduation Contact:snehapawar@peshr.com/7021769496

Lead, mentor, and grow a high-performing penetration testing team while fostering an engaging, inclusive, and collaborative work environment. Grow and manage a team of security engineers, offering guidance, performance feedback, and career development opportunities. Collaborate with cross-functional teams, including Engineering, Product Management, and other Security teams, to embed security testing at the right times during the product development process. Act as a thought leader in security testing, representing Atlassian in external forums, conferences, and engagements. Oversee the design, execution, and automation of penetration testing processes. Stay ahead of emerging security threats and industry trends, driving innovation in security testing approaches and tools. Provide expert guidance on complex security vulnerabilities, risks, and mitigations to stakeholders at all levels. Establish and track meaningful metrics to measure the success and impact of the security testing program. ","qualifications":" Extensive experience in security engineering: 10+ years in application security, penetration testing, or related fields, with at least 3+ years in a leadership or managerial role. Leadership skills: Proven experience leading and mentoring security engineers, with a track record of building and scaling high-performing teams. Technical expertise: In-depth knowledge of secure software development practices, common vulnerabilities (e.g., OWASP Top 10, CWE), and testing tools (e.g., Burp Suite and SAST/DAST tools). Cloud security knowledge: Strong understanding of cloud-native security testing methodologies, including AWS, GCP, or Azure environments. Collaboration communication: Excellent interpersonal and communication skills, with the ability to influence and build rapport with technical and non-technical stakeholders. Problem-solving mindset: Ability to think critically, identify gaps, and implement creative and scalable solutions. It s Great, But Not Required, If You Have: Experience with DevSecOps and integrating security testing into CI/CD pipelines Experience with running a penetration testing function in large enterprises Delivered industry presentations or written research papers Contributions to open source security or penetration testing tools Experience in performing penetration testing on AI products CVE s to Benefits Perks Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit

In this role you will be responsible for Penetration Testing and Manual Code Review across Atlassians vast products and systems. You will lead and support others in technically validating the state of Atlassian s technical security, working closely with our security teams and engineering groups. Day-to-day this person will be: Highly experienced in offensive security, penetration testing and application security Providing SME knowledge and guidance to engineering teams Skilled with common exploitation frameworks such as Metasploit, Core Impact Canvas Working knowledge of KALI Linux or other testing distributions and most of the tools within Able to automate pen testing/code review testing workflows and tasks Analysing vulnerability data for trends, gaps Assessing Atlassian s estate and products for potential pen testing scope items On your first day, well expect you to have: The ability to complete a penetration test and code review of a modern cloud application Worked in a senior penetration testing/application security role Experience in automating a testing workflow Experience leading security projects or complex penetration tests Strong, practical understanding of security testing methodologies, supporting infrastructure requirements and awareness of legal considerations Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams Experience working with security operations teams to develop detection logic Comfortable operating in and reviewing modern cloud technologies from providers such as AWS, Azure and GCP Its great, but not required, if you have: CVE s to Contributions to open source security software or penetration testing tools Delivered industry presentations Certifications: OSCP, OSCE, OSWE, CREST CRT, GPEN

Cyber Security Engineer II Honeywell Building Technologies is a global leader for products and technologies that are installed in over 10 million buildings in more than 75 countries. Honeywell software and products address key energy challenges, keep people and places safe, enhance the building occupant experience, and improve critical infrastructure. The business also takes a secure-by-design approach to its product development and ensures that its products are optimized for the people who use them the building owner, operator, occupant, and installer. The Cyber Security Engineer II reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Honeywell Products and partner technologies. This role will be responsible for security services delivery, which may include use of application / network / firmware / hardware security toolsets, detection of security defects, and remediation consultation of those weaknesses. Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle. Responsibilities Individual Contributor with Product Security Assurance Team, with minor team leadership accountabilities Provide mentorship, expertise and direction to junior team members Assist with onboarding internal team training Champion strategic Product Security initiatives Oversee and ensure client deliverables are on time, requirements are met Proactively anticipate escalations Lead initiatives to engineer better solutions Develop methodologies, determine scoping requirements Deliver Security Testing across all of Honeywell Assist in the development of modular, repeatable, effective Security Testing processes Partner with Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools. Work with cross functional teams to develop remediation suggestions Report observations using our standardized reporting structure The engineer may frequently lift and/or move up to 25 pounds Basic Qualifications Bachelor s degree in computer science or software engineering, electrical engineering or equivalent experience Total Experience Minimum 5 years 3+ years demonstrated experience in penetration testing 1+ years project management skills Preferred Qualifications Experience in pentesting Web, Mobile App, Thick Client, API, Web services, Hardware, Cloud, Containers Exposure to IoT pentesting Understanding of application protocols, development, and common attack vectors. Good cybersecurity capabilities and strong software engineering skills Excellent understanding of security by design principles and architecture level security concepts Experience and knowledge of penetration testing methodologies and tools Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Effective oral and written communication skills Good interpersonal skills Experience in security testing within the appropriate domain Relevant Security certifications Public speaking at Technical Conferences Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques Experience in integrating pentest tools to CI/CD pipeline Preferred Qualifications Experience in pentesting Web, Mobile App, Thick Client, API, Web services, Hardware, Cloud, Containers Exposure to IoT pentesting Understanding of application protocols, development, and common attack vectors. Good cybersecurity capabilities and strong software engineering skills Excellent understanding of security by design principles and architecture level security concepts Experience and knowledge of penetration testing methodologies and tools Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Effective oral and written communication skills Good interpersonal skills Experience in security testing within the appropriate domain Relevant Security certifications Public speaking at Technical Conferences Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques Experience in integrating pentest tools to CI/CD pipeline

Cyber Security Engineer II The Cyber Security Engineer II reports to the Product Security Assurance Leader and will be responsible for assessing and evaluating the security posture of a variety of Honeywell Products and partner technologies. This role will be responsible for security services delivery, which may include use of application / network / Mobile / Cloud / Container security toolsets, detection of security defects, and remediation consultation of those weaknesses. Our services support the identification of potential attack techniques and serve as the foundation for continuously improving the product development lifecycle. Responsibilities Individual Contributor with Product Security Assurance Team, with minor team leadership accountabilities Provide mentorship, expertise and direction to junior team members Assist with onboarding internal team training Champion strategic Product Security initiatives Oversee and ensure client deliverables are on time, requirements are met Proactively anticipate escalations Lead initiatives to engineer better solutions Develop methodologies, determine scoping requirements Deliver Security Testing across all of HCE Assist in the development of modular, repeatable, effective Security Testing processes Partner with Tools and Technology Team to select, implement, develop, and automate testing with appropriate tools. Work with cross functional teams to develop remediation suggestions Report observations using our standardized reporting structure Basic Qualifications Bachelor s degree in computer science or software engineering, electrical engineering or equivalent experience Total Experience Minimum 2 years 2+ years demonstrated experience in penetration testing 1+ years project management skills Preferred Qualifications Experience in pentesting Web, Network, Mobile App, Thick Client, API, Web services, Cloud, Containers Understanding of application protocols, development, and common attack vectors. Good cybersecurity capabilities and strong software engineering skills Experience with pentest tools and frameworks such as: Burp Suite, IDA Pro, GHidra, Kali, OWASP, Metasploit, Nessus, Nmap, MObSF, Genymotion, Frida, APK Tool Scripting experience in Python, Powershell and Bash preferred. Experience working with other languages such as C, C++, Java, . NET or javascript. Excellent understanding of security by design principles and architecture level security concepts Experience and knowledge of penetration testing methodologies and tools Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Effective oral and written communication skills Good interpersonal skills Experience in security testing within the appropriate domain Demonstrated project management skills. Relevant Security certifications: CEH, OSCP, GPEN Public speaking at Technical Conferences Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques Experience in integrating pentest tools to CI/CD pipeline Basic Qualifications Bachelor s degree in computer science or software engineering, electrical engineering or equivalent experience Total Experience Minimum 2 years 2+ years demonstrated experience in penetration testing 1+ years project management skills Preferred Qualifications Experience in pentesting Web, Network, Mobile App, Thick Client, API, Web services, Cloud, Containers Understanding of application protocols, development, and common attack vectors. Good cybersecurity capabilities and strong software engineering skills Experience with pentest tools and frameworks such as: Burp Suite, IDA Pro, GHidra, Kali, OWASP, Metasploit, Nessus, Nmap, MObSF, Genymotion, Frida, APK Tool Scripting experience in Python, Powershell and Bash preferred. Experience working with other languages such as C, C++, Java, . NET or javascript. Excellent understanding of security by design principles and architecture level security concepts Experience and knowledge of penetration testing methodologies and tools Up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Effective oral and written communication skills Good interpersonal skills Experience in security testing within the appropriate domain Demonstrated project management skills. Relevant Security certifications: CEH, OSCP, GPEN Public speaking at Technical Conferences Familiarity with reverse engineering tools, debuggers, and dynamic analysis techniques Experience in integrating pentest tools to CI/CD pipeline