Must have 8+ years of experience in Information Security domain Must have hands on experience on Triaging vulnerabilities of Prisma Cloud Twistlock 2+ years Must have hands on experience on vulnerability management governance tool 2+ years OR Must have working experience in Vulnerability Management 5+ years OR experience working on DevSecOps (including tools) 3+ years Must be able to lead a team of 10+ members to oversee their work and deliverables Should have Clear understanding of Cloud Workload Protection Platform (CWPP) 2+ Should have Clear Understanding of GCP and AWS cloud 2+ years Should have understanding of VM process, false positive, accept risk, explaining findings to the Business Unit

Expertise in Vulnerability Management, Web Proxy/URL Filtering, Intrusion Detection System (IDS), Cloud Security, Disaster Recovery and Pen Testing Develop project plan & scope, define milestones, timeline management & forecast.

2-4 years Experience in vulnerability Management and Penetration Testing. Hands-on Experience in Qualys WAS tool, and understanding the functionalities and capabilities of the tool. Required Candidate profile Strong Knowledge of OWASP Top 10 and other security standards. Hands-on experience with testing frameworks in line with Web Application, Thick Client, Mobile, Web Services/APIs, Networks.

Implement Information security policies, procedures, regulations, and best practices to ensure the confidentiality, integrity and availability of MHDI information and information asset. Required Candidate profile Conduct Internal Audit with the help of external audit firm to verify the effectiveness of security controls.

In-depth knowledge of security issues, exploitation techniques and remediation measures. Hands-on Experience in Source Code Review (Automated + Manual). Expertise in SAST report analysis to confirm the applicable vulnerabilities. Required Candidate profile In-depth understanding on Common Vulnerability Exposure (CVE)/ Cert advisory database Familiarity with OWASP, SANS vulnerabilities

Are you interested in working in one of the most impactful areas of technology in the world today? Do you want to build generative AI skills while working on a project to transform the most mission-critical IT workloads for organizations that power the global economy? Come join the team that is at the intersection of cutting-edge gen AI and mainframe software development, a key strategic pillar for IBM. As a Gen AI Transformation developer, you will leverage a highly tuned state-of-the-art large language model to transform code from one input source language to another. Role and Responsibilities Analyzing potential areas where non-compliance could occur and proposing mitigation strategies. Creating and updating company policies and procedures to reflect regulatory requirements. Providing compliance training to employees on relevant policies and procedure. Assessing potential security risks and prioritizing mitigation strategies, including PSIRTs and CSIRTs. Develop automation that will improve the reporting, including the creation of dashboards Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise 2+ Years of IT experience. The candidate must have demonstrated: Working knowledge of security concepts including IT security standards, threat modeling, access management, risk analysis. Familiarity with actioning non-compliances, such as vulnerabilities and proposing mitigation strategies Abilities to respond to potential cyber threats through vulnerability scanning, analyzing network traffic, and staying updated on emerging security trends Basic knowledge of security tools Preferred technical and professional experience The candidate should ideally have working knowledge of: Industry regulations and laws to identify potential compliance issues, including: HIPAA, NIST, SOC 2, FISMA, FedRamp, Privacy requirements. Interacting with external agencies to address compliance inquiries and audits. Typical security processes, product lifecycle, penetration testing, architectural diagrams and threat modeling.

Job description Job Title: Security Consultant (Mobile & Web Application Security, Red Teaming, Phishing) Location: Navi Mumbai Experience Level:1-2 Years Job Overview: We are looking for a highly motivated Junior Security Analyst with 1-2 years of hands-on experience in Red Teaming, Mobile Application Security Testing, Web Application Security Testing, and Phishing. The selected candidate will work within our cybersecurity team to identify and help mitigate security vulnerabilities across different platforms and applications. Additionally, the role includes participation in Red Team engagements and Phishing Campaigns. Key Responsibilities: Red Teaming: Assist in conducting Red Team operations to simulate advanced persistent threats (APT) and adversary tactics, techniques, and procedures (TTPs).Collaborate with senior team members to develop realistic attack scenarios and generate actionable reports. Mobile Application Security Testing: Perform security assessments of Android and iOS applications, identifying vulnerabilities and weaknesses.Conduct manual and automated testing using industry-standard tools such as Burp Suite, MobSF, Frida, etc.Document vulnerabilities and offer remediation strategies to development teams. Web Application Security Testing: Conduct web application security testing, identifying common vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF).Use tools such as OWASP ZAP, Burp Suite, and others to perform penetration testing.Prepare detailed assessment reports with actionable remediation recommendations. Phishing Campaigns: Assist in planning and executing phishing campaigns to simulate phishing attacks. Develop phishing templates and analyze user responses to gauge organizational security awareness. Provide reports and conduct training sessions to improve the organizations resilience to phishing attacks. Requirements: 1-2 years of relevant experience in Red Teaming, Mobile Application Security Testing, Web Application Security Testing, and Phishing. Familiarity with security standards and frameworks such as OWASP Top 10, SANS, NIST, etc. Proficiency with penetration testing tools such as Burp Suite, Metasploit, Nessus, MobSF, etc. Basic knowledge of scripting and programming languages (Python, Bash, etc.) is an added advantage. Understanding of phishing techniques and social engineering principles. Strong analytical and problem-solving skills with great attention to detail. Excellent verbal and written communication skills. Preferred Certifications (Not mandatory): CEH (Certified Ethical Hacker) CompTIA Pentest+ OSCP (Offensive Security Certified Professional)

Greetings from Analytix Solutions!!! We are looking to hire a Senior Executive for our Information Security team. This is a unique opportunity to be a part of a growing team where individual contributions directly impact overall business performance. Please refer supportive details mentioned below : Company Name: Analytix Business Solutions (US Based MNC) Company At Glance: We are a premier knowledge process outsourcing unit based in Ahmedabad, fully owned by Analytix Solutions LLC, headquartered in the USA. Our Service delivery units cater to the finance and accounting, information technology, Audio Visuals, US Healthcare Services, web marketing, data processing and automation outsourcing needs of our clients. Address : Analytix Solutions Block-A, 2nd Floor, Sun Westbank, Near Vallabh Sadan Riverfront, Opp. City Gold Cinema, Ashram Road, Ahmedabad, Gujarat 380015. Here you can refer to the detailed Job description. Job Summary : The ideal candidate will have 2 to 4 years of experience in managing information security audits, Specialization in VAPT having hands on penetration testing, being capable of performing scan on IT infrastructure, Cloud, Web Application, Generating comprehensive VAPT reports. Candidate must have capability to handle Information security operations, and handling SOC2, ISO, and HIPAA audits. This role is essential in maintaining and enhancing our security framework and ensuring compliance with various standards. Key Responsibilities : Hands on VAPT skills, must lead the VAPT management having through technical knowledge of VAPT tools, technologies Must be able to scan Own/client infrastructure depending on need arises Mobile Application Scan Web application scan IT /Network Infrastructure Scan Cloud Infrastructure scan Must have capability to showcase VAPT reports and remediation steps to senior leadership team. Manage and conduct information security audits, including SOC2, ISO, and HIPAA. Oversee daily security operations and ensure the integrity of information systems. Develop, implement, and maintain security policies, procedures, and guidelines. Monitor and respond to security incidents and alerts. Collaborate with various departments to ensure compliance with security standards. Stay updated with the latest security trends, threats, and technologies. Qualifications & Skill Requirements : Bachelors degree in information security, Computer Science, or a related field. 2 to 4 Years of hands on experience in VAPT. Familiarity with security tools and technologies. Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. ISO27001 Lead auditor/implementer, VAPT certificates. Our EVP (Employee Value proposition) : 5 Days working Total 24 Earned & Casual leaves and 8 public holidays Compensatory Off Opportunity to work with USA clients Career progression and Learning & Development Loyalty Bonus Benefits Medical Reimbursement Standard Salary as per market norms Magnificent & Dynamic Culture

MaxVal, a leader in Intellectual Property (IP) services and technology, is seeking a Senior Information Security Analyst to join our team. The successful candidate will be responsible for planning, implementing, upgrading, and monitoring security protocols to protect MaxVals applications, infrastructure, and data. This role involves leading security initiatives, risk management, and ensuring compliance with security standards while collaborating with cross-functional teams. As a Senior Information Security Analyst, you will : Manage security systems such as firewalls, data protection controls, patching, encryption, vulnerability scanning, and penetration testing. Lead a team overseeing the deployment, configuration, and monitoring of security systems. Collaborate with business units to assess security requirements for new implementations and address security-related queries. Identify security threats, access violations, and required process changes to enhance data security. Evaluate vendor risk, examine contracts, and advise teams on third-party risk and data privacy issues. Utilize data encryption, firewalls, and security tools to safeguard digital data. Implement plans to protect data from unauthorized access, modification, destruction, or disclosure. Monitor and restrict access to confidential and high-security data. Modify security applications as needed for specialized access, new software integration, or error corrections. Enhance the risk management framework, perform risk assessments, audits, and security tests. Promote security awareness through training and user education. Monitor virus threats and ensure timely system updates. Review security violations and implement corrective measures. Perform additional security-related duties as assigned. Requirements Experience : 8+ years in computer systems security. Educational Qualification : B.Sc. (CSC), M.Sc. (CSC), B.Tech, B.E. (IT). Technical Expertise: Strong knowledge of security software, firewalls, encryption, authentication mechanisms, and cybersecurity frameworks. Experience with risk assessments, audits, and compliance. Skills : Excellent problem-solving and analytical skills. Strong communication (written & verbal) and collaboration abilities. High attention to detail and organization. Job Details Job Title: Senior Information Security Analyst Experience: 8-12 Years Job Type: Full-Time Location: Coimbatore / Bangalore / Noida Reports To: Head of Information Security

Key Skills : Security monitoring Incident response Governance Compliance Threat management Vulnerability assessment Cloud security Infrastructure security Risk assessment Penetration testing.

We are seeking a highly motivated and experienced IT & OT Security manager to join our dynamic security team You will play a pivotal role in protecting our organization s IT and OT systems from cyber threats by developing, implementing, and maintaining a comprehensive security program This role requires a unique blend of IT security knowledge and understanding of OT specific security principles Responsibilities Design, implement, and manage a holistic IT/OT security program that addresses vulnerabilities and risks across both IT and OT environments Conduct regular security assessments and penetration testing to identify and remediate vulnerabilities in IT systems (networks, applications, servers) and OT systems (industrial control systems, SCADA) Design and implement a secure IT/OT architecture, including network segmentation, firewalls, access controls, and specific OT security measures Design secure system architectures for critical infrastructure, implementing network segmentation, access controls, and intrusion detection systems Their expertise ensures reliable operations in OT/ICS environments Develop, enforce, and maintain security policies, procedures, and best practices for both IT and OT domains Oversee incident response activities for both IT and OT, including detection, containment, eradication, and recovery, ensuring business continuity and minimal disruption Stay uptodate on the latest IT and OT security threats and trends to maintain a proactive security posture Deliver security awareness training programs to educate IT and OT personnel on best practices and potential threats specific to their domains Design and specification of OT architecture and systems from an OT/cyber security perspective (SCADA/Automation network design and configuration) Acting as the lead/project manager on multidiscipline projects along with the project team in close collaboration with clients Manage and maintain IT and OT security tools and technologies, ensuring optimal performance and effectiveness Collaborate effectively with IT and OT teams to integrate security considerations seamlessly into operational procedures Report on the organization s overall security posture and key security metrics to senior management Mandatory Skill Sets OT Security Preferred Skills Sets Experience in relevant industries (e g , manufacturing, utilities, energy) a strong plus Certifications in IT security (e g , CISSP, CISA, CISM, OSCP) and OT security (e g , IEC 62443 Cybersecurity or GICSP, GSEC, SSCP) highly desirable (one in IT & one in OT is must) Working knowledge of IT and OT architectures and protocols Experience in incident response and disaster recovery planning for both IT and OT environments Understanding/experience on Advance Metering Infrastructure is a plus

The Information Security Engineer reports directly to the Director of Information Security and maintains. Please go through below link to get more information about this position : https://forms.gle/8mLmedkHVemekTPB7

Hi All Greeting from Tekskills india Pvt Ltd Job Role : Senior Penetration Tester Exp : 9+yrs Location : Bangalore NP : Immediate JD : The Penetration Tester, will provide broad and in depth knowledge to conduct offensive cyber operations across the organization globally. In this role, you will conduct offensive security operations to emulate adversary tactics and procedures to test preventative, detective and response controls across the global technology landscape. You will use your expertise to help influence technology decisions and work as part of a team to create consistent approaches to the offensive security processes and techniques. Penetration Testing Duties and Responsibilities: Operate a hands-on role involving penetration testing and vulnerability assessment activities of complex applications, operating systems, wired, wireless networks, and mobile applications/devices, Cloud(Azure, AWS, Google Etc) apps and softwares. Set up environment and maintain required tools needed for the team. Lead and manage Penetration Testing team and Supporting vendors to get qualitative deliveries to our customer. Develop and maintain security testing plans Able to automate penetration and other security testing on networks, systems and applications. Develop meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk. Produce actionable, threat-based, reports on security testing results Act as a source of direction, training, and guidance for less experienced staff Consult with application developers, systems administrators, and management to demonstrate security testing results, explain the threat presented by the results, and consult on remediation Communicate security issues to a wide variety of internal and external customers to include technical teams, executives, risk groups, vendors and regulators Deliver the annual penetration testing schedule and conducting awareness campaigns to ensure proper budgeting by business lines for annual tests. Foster and maintain relationships with key stakeholders and business partners Certificates: Must Have Offensive Security Certified Professional (OSCP) Good to have CREST Registered Penetration Tester (CRT) Certified Ethical Hacker (CEH) Certification GIAC Certified Penetration Tester (GPEN) Penetration Testing Expert Requirements and Qualification: Previous working experience as a Penetration Testing Expert for 9 year BE in Computer Information Systems, Management Information Systems, or similar relevant field In-depth knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell) Must know about standard Industry security Practices (OWASP, SANS, etc), Knowledgeable about industry Security guidelines and compliance such as ISO27001, SOC2, HIPPA etc. Hands on experience with testing frameworks such as the PTES and OWASP. Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X, VMware/Xen, and cloud technologies such as AWS, Azure, or Google Cloud Critical thinker and problem solver Excellent organizational and time management skills Interested candidates please share your resume to bhoomika.b@tekskills.in

Project Role : Program/Project Management Lead Project Role Description : Lead business and technology outcomes for assigned program, project, or contracted service. Leverage standard tools, methodologies and processes to deliver, monitor, and control service level agreements. Must have skills : Dynatrace APM, Dynamic Application Security Testing (DAST) Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Program/Project Management Lead, you will lead business and technology outcomes for assigned program, project, or contracted service. Leverage standard tools, methodologies, and processes to deliver, monitor, and control service level agreements. You will be responsible for ensuring successful project delivery and meeting service level agreements. Roles & Responsibilities: Expected to perform independently and become an SME. Required active participation/contribution in team discussions. Contribute in providing solutions to work-related problems. Lead and manage project teams effectively. Develop and maintain project plans, schedules, and budgets. Monitor project progress and address any issues that arise. Ensure project deliverables meet quality standards. Collaborate with stakeholders to ensure project success. Professional & Technical Skills: Must To Have Skills:Proficiency in Dynatrace APM, Dynamic Application Security Testing (DAST). Strong understanding of IT project management principles. Experience in managing cross-functional project teams. Excellent communication and interpersonal skills. Ability to prioritize tasks and meet project deadlines. Additional Information: The candidate should have a minimum of 3 years of experience in Dynatrace APM. This position is based at our Mumbai office. A 15 years full-time education is required. Qualifications 15 years full time education

Our world is transforming, and PTC is leading the way.Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business. Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow – all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible. Your Role We are looking for an enthusiastic candidate with outstanding talent to join the MCAD-QA team. Ideal candidates will have a passion for technology. You will be part of a fast-moving, experienced team using agile development processes to test world-class software product which will bring value to our customers. Key Responsibilities: Collaborate with cross-functional teams to understand customer requirements and ensure software quality. Develop and execute test plans, test cases, and test scripts. Identify, document, and track software defects. Perform various types of testing, including functional, regression, integration, and performance testing. Provide feedback and recommendations to improve software usability and functionality. Take an active role in evolving the product strategy and roadmap. Monitor and report on quality metrics. Perform Root Cause Analysis (RCA) to identify and resolve issues. Qualifications: 5+ years of experience in Creo. Strong understanding of customer requirements and problem-solving skills. Proficiency in various Creo modules. Detail-oriented with excellent analytical skills. Knowledge of testing methodologies. Location: Pune, India Preferred Qualifications: Experience or knowledge with in various modules of Creo. Experience or knowledge of modeling techniques. Any exposure to security testing - vulnerability assessment, and penetration testing in desktop environments will be an added advantage. Basic Qualifications: Bachelor’s degree in Mechanical Engineering or equivalent technical experience Demonstrated success in product design and development Minimum 3 years in hands-on Design using Creo. Life at PTC is about more than working with today’s most cutting-edge technologies to transform the physical world. It’s about showing up as you are and working alongside some of today’s most talented industry leaders to transform the world around you. If you share our passion for problem-solving through innovation, you’ll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us? We respect the privacy rights of individuals and are committed to handling Personal Information responsibly and in accordance with all applicable privacy and data protection laws. Review our Privacy Policy here ."

Our potential, unleashed India's impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Job Description: Work youll do As a part of our Risk Advisory team youll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations. Youll: Works on projects with clearly defined guidelines as team member with responsibility for project delivery Works under general supervision with few direct instructions Performs cyber security assessments which includes vulnerability assessment & penetration testing, network security architecture review, secure configuration / code review, etc. Understands basic business and information technology management processes. Demonstrates knowledge of firm's methodologies, frameworks and tools Participate in practice development initiatives The key skills required are as follows: Understanding of basic business and information technology management processes Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture Experience in Infrastructure Penetration Testing and Application Security Testing Experience in Secure Code Review (Code Security Review) Experience in conducting configuration reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technoilogies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Role and Responsibilities : Understanding of basic business and information technology management processes Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture Experience in Infrastructure Penetration Testing and Application Security Testing Experience in Secure Code Review (Code Security Review) Experience in conducting configuration reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technoilogies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Understanding of basic business and information technology management processes Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture Experience in Infrastructure Penetration Testing and Application Security Testing Experience in Secure Code Review (Code Security Review) Experience in conducting configuration reviews of Windows, Linux, UNIX, Solaris, Databases, etc. How youll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the worlds most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterized by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognize there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyones welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Heres a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organization and the business area you’re applying to. Check out recruiting tips from Deloitte professionals.

Roles : IoT/Embedded Security Engineer Location: Whitefield Bangalore Position Overview: We are seeking a highly skilled and motivated IoT / Embedded Security Engineer to join our team. The ideal candidate must have a strong background in IoT / embedded systems security, with a proven track record in identifying vulnerabilities and implementing robust security measures. Roles and Responsibilities: Conduct security assessments and risk analysis of embedded medical devices. Develop and implement security protocols and solutions for medical devices. Design and execute penetration testing and vulnerability assessments. Research and stay updated on emerging threats, vulnerabilities, and security trends in IoT and embedded systems. Collaborate with cross-functional teams to integrate security measures into the development lifecycle of products. Provide technical guidance and support to internal teams on security best practices. Participate in the design and architecture of secure IoT and embedded systems. Mandatory Skills: Bachelor's or Master's degree in Electrical Engineering, Computer Science or Electronic field. Proven experience (5 years) in IoT and embedded systems security. Strong knowledge of IoT protocols (e.g., UART, I2C, JTAG, MQTT, CoAP, HTTP) and embedded system architecture Experience with reverse engineering ARM/MIPS/x86 code architecture. Hands on with hardware attacks such as PCB reversing, Component identification,Side channel attacks,memory extraction methods. Knowledge of radio frequency (RF) protocols and related security implications such as BLE, WIFI, LoRa,DSP, SDR, etc. Understanding of industrial IoT (IIoT) security considerations. Experience with various hardware security assessment tools/frameworks. Familiarity with hardware security concepts such as secure boot, encryption, and secure firmware updates. Proficiency in programming languages commonly used in embedded systems (C/C++, Python). Proactive, problem-solver and the ability to work independently and within a team. Good to Have: Understanding of cryptographic algorithms and protocols. Knowledge of exploit development techniques, buffer overflows, and other memory corruption vulnerabilities applicable to embedded systems. Knowledge of secure coding practices and principles specific to embedded systems, including memory management and input validation. Familiarity with regulatory compliance and standards in IoT security. Any certification in IoT security, Embedded device security or similar, is a plus. Notice Period- Immediate Joiner to 15 Days Maximum Interested candidates kindly share your updated cv at sanchit@mounttalent.com

Job responsibilities Design, implement, and maintain cloud security architecture and solutions across AWS, OpenStack, Azure, or GCP to ensure data protection, privacy, and security in the cloud environment. Monitor and protect cloud-based infrastructure, virtual networks, containers, and serverless applications from security vulnerabilities and attacks. Configure, manage, and optimize Web Application Firewalls (WAFs) to protect cloud-hosted web applications from common threats like SQL injection, XSS, and DDoS attacks. Implement and manage identity and access management (IAM) policies, ensuring the principle of least privilege and secure access to cloud resources. Lead and manage cloud-related security incidents, from detection to mitigation and post-incident analysis, ensuring continuous improvement of security posture. Perform risk assessments and threat modelling for cloud environments and applications, identifying vulnerabilities and potential attack vectors in the cloud infrastructure. Ensure cloud environments are compliant with relevant security standards and regulations (e.g., ISO 27001, SOC 2, PCI DSS). Set up and maintain continuous security monitoring and logging for cloud environments to detect anomalies, security threats, and vulnerabilities. Collaborate with development and DevOps teams to integrate cloud security best practices into the SDLC and CI/CD pipelines (DevSecOps). Educate internal teams on cloud security best practices, WAF configuration, and security controls to foster a security-first mindset across the organization. Conduct regular cloud security audits and vulnerability assessments and recommend security enhancements as needed. Experience with threat hunting and using advanced analytics tools to detect security anomalies. Skills Strong knowledge of securing cloud environments (AWS, OpenStack, Azure, GCP) with hands-on experience implementing cloud-native security solutions. Extensive experience configuring, tuning, and managing Web Application Firewalls (WAFs) such as AWS WAF, Azure WAF, or third-party WAFs to protect against OWASP Top 10 threats. Experience with IAM management in the cloud, including configuring roles, policies, and multi-factor authentication (MFA) for secure access to cloud resources. Familiarity with cloud security tools and services (e.g., AWS Security Hub, Azure Security Centre, GCP Security Command Centre) to monitor, detect, and respond to threats. Experience in cloud penetration testing, vulnerability scanning, and risk assessments to identify and remediate security flaws in the cloud infrastructure. Knowledge and experience in managing and mitigating cloud security incidents and breaches, including performing forensic analysis and developing incident response plans. Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automating cloud security tasks, vulnerability scanning, and incident response. Ability to enforce cloud security best practices such as data encryption, network segmentation, secure API practices, and the secure configuration of cloud services. Deep understanding of cloud networking security, including firewalls, VPNs, security groups, VPCs, and private/public cloud configurations. Expertise in deploying DDoS protection services and tuning WAFs for optimal protection against both common and advanced web application attacks. Qualifications 5+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant. Relevant certifications such as AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP), or other cloud security certifications are preferred.

Job responsibilities Assist in the design, deployment, and management of cloud environments (AWS, OpenStack, Azure, GCP) to ensure scalability, security, and high availability. Implement and maintain cloud security best practices, including Identity and Access Management (IAM), data encryption, and access controls to safeguard cloud environments. Support SOC activities by integrating cloud infrastructure with security monitoring tools such as CrowdStrike EDR, Proofpoint, and email security solutions to detect and respond to security incidents. Respond to and investigate security incidents in cloud and on-premises environments, using CrowdStrike EDR for endpoint threat detection and Proofpoint for email-related threats. Develop and implement automation scripts using tools like Terraform, CloudFormation, or Ansible to streamline cloud provisioning, security management, and incident response processes. Leverage SOC tools (CrowdStrike, Proofpoint) to continuously monitor cloud environments for potential threats, anomalies, and vulnerabilities. Configure and manage security alerts and events generated by CrowdStrike EDR and Proofpoint, ensuring rapid identification and mitigation of threats across cloud services and email systems. Work closely with development and operations teams to ensure seamless integration of cloud environments and security solutions into applications and services. Assist in migrating on-premises applications and services to the cloud, ensuring secure migration and minimal operational disruption. Assist in educating teams about cloud security best practices, security operations processes, and how to leverage security tools such as CrowdStrike and Proofpoint to safeguard against threats. Stay informed on emerging threats, new security tools, and best practices for securing cloud environments and managing SOC operations. Skills Experience with one or more cloud platforms (AWS, Azure, GCP) and their core services such as compute, storage, networking, and security. Familiarity with SOC tools, particularly CrowdStrike EDR (for endpoint detection and response), Proofpoint (for email security and threat protection), and other security monitoring and incident response platforms. Strong understanding of cloud security best practices, including IAM (Identity and Access Management), secure APIs, encryption, and protecting data in transit and at rest. Proficiency in using cloud automation and Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, or Ansible to manage and provision cloud resources and integrate security operations. Knowledge of cloud networking concepts, including VPCs, subnets, security groups, and firewalls, with a focus on securing the cloud network. Experience with email security solutions like Proofpoint, including configuring, managing, and monitoring for phishing attempts, spam, and malware. Hands-on experience with security incident response processes, including investigation, mitigation, and reporting, using CrowdStrike EDR and other SOC tools. Familiar with performing vulnerability scans and collaborating with relevant teams on vulnerability remediation efforts. Qualifications 2+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant. CEH (Certified Ethical Hacker), or other relevant security certifications.

Job responsibilities Lead application security efforts to ensure that security is integrated throughout the SDLC (Software Development Life Cycle) in alignment with industry best practices. Manage and configure Cloudflare, Akamai, AWS Web Application Firewalls (WAFs) to protect web applications from common threats (e.g., SQL injection, XSS) and ensure optimal performance and security. Perform static and dynamic application security assessments, including manual penetration testing, vulnerability scanning, and security code reviews. Conduct threat modelling to identify potential security risks and vulnerabilities in the application architecture and codebase. Collaborate with development teams to identify, prioritize, and mitigate security vulnerabilities in the code and environment. Integrate security tools (e.g., SAST, DAST, IAST) into the CI/CD pipeline to automate security testing. Provide expertise and guidance on secure coding practices to developers and ensure adherence to security standards and frameworks (e.g., OWASP, NIST). Develop and implement security policies and procedures for the secure design, development, and deployment of applications. Perform regular security audits and assessments to identify vulnerabilities and recommend improvements. Lead incident response activities for application-related security breaches, including analysis, remediation, and post-incident reporting. Advocate for security within the organization by conducting security awareness training and fostering a security-first culture. Stay up to date with the latest security trends, vulnerabilities, and exploits, and communicate findings to relevant stakeholders. Skills Proficient in application security assessments, including code reviews, penetration testing, and vulnerability scanning tools (e.g., Burp Suite). In-depth knowledge of secure coding practices and the ability to guide development teams in writing secure code (e.g., OWASP Top 10). Strong experience with configuring, managing, and tuning Web Application Firewalls (WAFs) to protect against common web application attacks such as SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF). Strong experience in conducting manual penetration testing of web applications, APIs, and mobile applications. Familiarity with industry security frameworks and standards (e.g., OWASP, NIST, ISO 27001, PCI DSS). Experience integrating security into the CI/CD pipeline and working with automation tools (e.g., Jenkins, GitLab CI) to ensure continuous security testing. Ability to perform and communicate threat modelling exercises to identify potential security risks and propose solutions. Knowledge of securing cloud-based applications and environments (AWS, Azure, GCP) and understanding of cloud security best practices. Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automating security testing and reporting tasks. Knowledge of application-related incident response processes, including root cause analysis, remediation, and post-incident reporting. Relevant certifications such as CEH, OSCP, or AWS Certified Security Specialty are preferred. Qualifications 6+ years of experience in vulnerability program management and penetration testing. Prior experience as a team leads or role mentoring junior team members. AWS, CEH, OSCP, AWS Certified Security Specialty or CISSP Certifications preferred.

Job responsibilities Design, implement, and maintain secure cloud infrastructures across public and private cloud environments (AWS, OpenStack, Azure, GCP), ensuring the integration of best security practices and alignment with business goals. Develop and execute a comprehensive cloud security strategy that integrates security requirements into cloud architecture and development processes, focusing on continuous improvement and threat mitigation. Architect and implement robust network security solutions, including firewalls, intrusion detection systems (IDS/IPS), VPNs, and secure remote access, ensuring the confidentiality, integrity, and availability of cloud-based assets. Design, configure, and manage Web Application Firewalls (WAF) to protect web applications from external threats such as DDoS, SQL injection, cross-site scripting (XSS), and other OWASP Top 10 vulnerabilities. Conduct regular security assessments, penetration testing, and vulnerability assessments to identify and mitigate security risks in cloud environments and network infrastructure. Lead the automation of security processes, implementing infrastructure-as-code (IaC) for secure and compliant cloud deployments using tools such as Terraform and CloudFormation. Ensure compliance with industry standards and regulations (e.g., SOC 2, ISO 27001, GDPR, NIST). Establish incident response protocols for cloud environments, leading investigations and remediating security incidents across cloud and network infrastructures. Manage and integrate cloud security tools, including identity and access management (IAM), encryption solutions, cloud-native security services (e.g., AWS Guard Duty, Azure Security Centre), and third-party solutions like WAF and EDR. Provide guidance and mentorship to junior security engineers and other stakeholders on cloud security best practices, threat intelligence, and network security design. Maintain thorough documentation of cloud security architectures, configurations, incident response actions, and risk assessments. Regularly report to senior management on security posture and improvements. Stay up to date with the latest security threats, vulnerabilities, and mitigation techniques, especially for cloud security and network infrastructure. Proactively design solutions to combat emerging threats. Skills Extensive experience in designing and implementing secure cloud infrastructures and services, with proficiency in one or more cloud platforms (AWS, OpenStack, Azure, Google Cloud). Deep understanding of network security concepts and practices including firewalls, VPNs, proxy servers, IDS/IPS, and network access control in cloud environments. Hands-on experience in implementing, configuring, and managing WAF solutions (e.g., AWS WAF, Azure WAF) to protect applications from external attacks, including DDoS, XSS, and SQL injections. Expertise in configuring and managing IAM policies, roles, and permissions in cloud environments to enforce least-privilege access and mitigate insider threats. Strong knowledge of security standards and frameworks such as ISO 27001, SOC 2, NIST, GDPR, and PCI-DSS, and experience ensuring compliance in cloud and network security projects. Experience with cloud-based security monitoring tools (e.g., AWS Guard Duty, Azure Sentinel) and leading incident response efforts for cloud security incidents. Experience conducting vulnerability assessments, penetration tests, and security audits to identify weaknesses and implement remediation strategies in cloud and network environments. Deep understanding of security architecture principles and designing systems with a Security by Design” mindset to safeguard cloud and network infrastructure. Knowledge of data encryption techniques for data-at-rest and data-in-transit and securing data storage and communication in cloud environments. Ability to lead and mentor teams of security engineers, fostering collaboration across security, DevOps, and network engineering teams. Should be comfortable working with different teams and have good communication skills. Qualifications 8+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant or architect role. Prior experience as a team lead or role mentoring junior team members. AWS, CEH, OSCP, AWS Certified Security Specialty or CISSP Certifications preferred.

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Security Threat Hunting Good to have skills : Threat Intelligence Operations Minimum 7.5 year(s) of experience is required Educational Qualification : Sec-Network Threat Protection -Impl Summary :As a Security Delivery Lead, you will be responsible for leading the implementation and delivery of Security Services projects, leveraging our global delivery capability. Your typical day will involve leading the team, conducting security threat hunting, and ensuring the successful delivery of projects. Roles & Responsibilities: Lead the implementation and delivery of Security Services projects, leveraging our global delivery capability. Conduct security threat hunting to identify and mitigate potential security threats. Collaborate with cross-functional teams to ensure successful project delivery. Provide technical guidance and mentorship to team members. Stay updated with the latest advancements in security threat hunting and integrate innovative approaches for sustained competitive advantage. Professional & Technical Skills: Must To Have Skills:Strong experience in security threat hunting. Must To Have Skills:Experience in leading security delivery projects. Good To Have Skills:Experience with security tools such as SIEM, IDS/IPS, and EDR. Good To Have Skills:Knowledge of security frameworks such as NIST, ISO, and CIS. Strong understanding of security threat hunting methodologies and techniques. Experience in conducting security assessments and penetration testing. Excellent communication and leadership skills. Additional Information: The candidate should have a minimum of 7.5 years of experience in security threat hunting. The ideal candidate will possess a strong educational background in computer science, information security, or a related field, along with a proven track record of delivering impactful security solutions. This position is based at our Bengaluru office. Qualification Sec-Network Threat Protection -Impl

Project Role :Quality Engineer (Tester) Project Role Description :Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills :Security Penetration Testing Good to have skills :.NET Architecture,Java Minimum 3 year(s) of experience is required Educational Qualification :1 Minimum 15 years of full time education Key Reponsibilities :1Perform tests on applications, network devices, and cloud infrastructures 2 Develop methodologies for penetration testing Review code for security vulnerabilities 3 Document security and compliance issues 4 Automate common testing techniques to improve efficiency and Write technical and executive reports Communicate findings to both technical staff and executive leadership 5 Strong knowledge of security principles and best practices Technical Experience : 1 Vulnerability assessment Penetration TestingVAPT Web Penetration TestingSAST DAST Mobile Penetration TestingSAST DAST 2 API Penetration Testing 3 Secure Code Review 4 Software Composition Analysis 5 Infrastructure Penetration Testing 6 Application Architecture Design Review 7 Cloud Security and Governance, Risk, and Compliance GRC, Thick Client Thin Client VAPT Knowledge/Hands on about DevSecOps/DevOps Knowledgeable about Data Protection Professional Attributes :1 Good oral and written communication skills 2 Work independently 3 Ability to manage multiple tasks and deadlines 4 Commitment to quality and high standards Qualification NA

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : Rapid7 Metasploit Good to have skills : NA Minimum 2 year(s) of experience is required Educational Qualification : Related qualifications and certifications Summary :As a Security Engineer, you will be responsible for applying security skills to design, build and protect enterprise systems, applications, data, assets, and people. Your typical day will involve working with Rapid7 Metasploit, identifying vulnerabilities, and providing solutions to safeguard information, infrastructures, applications, and business processes against cyber threats. Roles & Responsibilities: Identify vulnerabilities in enterprise systems, applications, data, assets, and people using Rapid7 Metasploit. Provide solutions to safeguard information, infrastructures, applications, and business processes against cyber threats. Collaborate with cross-functional teams to design and build secure enterprise systems and applications. Conduct security assessments and penetration testing to identify and mitigate security risks. Stay updated with the latest advancements in security technologies and integrate innovative approaches for sustained competitive advantage. Professional & Technical Skills: Must To Have Skills:Proficiency in Rapid7 Metasploit. Good To Have Skills:Experience with other security tools such as Nessus, Nmap, and Wireshark. Strong understanding of security concepts and principles. Experience in conducting security assessments and penetration testing. Knowledge of security frameworks such as NIST, ISO, and CIS. Solid grasp of network and system administration. Additional Information: The candidate should have a minimum of 2 years of experience in Rapid7 Metasploit. The ideal candidate will possess a strong educational background in computer science, information technology, or a related field, along with a proven track record of delivering impactful security solutions. This position is based at our Bengaluru office. Qualifications Related qualifications and certifications

Project Role : Quality Engineer (Tester) Project Role Description : Enables full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Performs continuous testing for security, API, and regression suite. Creates automation strategy, automated scripts and supports data and environment configuration. Participates in code reviews, monitors, and reports defects to support continuous improvement activities for the end-to-end testing process. Must have skills : Security Penetration Testing Good to have skills : NA Minimum 3 year(s) of experience is required Educational Qualification : 15 years of fulltime education Summary :As a Quality Engineer (Tester), you will be responsible for enabling full stack solutions through multi-disciplinary team planning and ecosystem integration to accelerate delivery and drive quality across the application lifecycle. Your typical day will involve performing continuous testing for security, API, and regression suite, creating automation strategy, automated scripts, and supporting data and environment configuration. You will also participate in code reviews, monitor, and report defects to support continuous improvement activities for the end-to-end testing process. Roles & Responsibilities: Perform continuous testing for security, API, and regression suite. Create automation strategy, automated scripts, and support data and environment configuration. Participate in code reviews, monitor, and report defects to support continuous improvement activities for the end-to-end testing process. Collaborate with cross-functional teams to ensure quality across the application lifecycle. Stay updated with the latest advancements in security penetration testing and implement innovative approaches for sustained competitive advantage. Professional & Technical Skills: Must To Have Skills:Experience in Security Penetration Testing. Good To Have Skills:Knowledge of automation tools like Selenium, Appium, and JMeter. Strong understanding of software testing methodologies and processes. Experience in API testing and regression testing. Experience in defect tracking tools like JIRA. Solid grasp of data munging techniques, including data cleaning, transformation, and normalization to ensure data quality and integrity. Additional Information: The candidate should have a minimum of 3 years of experience in Security Penetration Testing. The ideal candidate will possess a strong educational background in computer science or a related field, along with a proven track record of delivering impactful data-driven solutions. This position is based at our Bengaluru office. Qualification 15 years of fulltime education