1535 Penetration Testing Jobs - Page 5

The Cyber Security Architect will lead the cyber security practice and develop innovative automation solutions within the security landscape. This role demands a proactive, hands-on approach to technology and cyber security, focusing on designing and implementing robust security measures to safeguard the organization s systems, networks, and data. The ideal candidate will be a strategic leader with deep technical expertise, capable of enhancing organizational security in a dynamic, technology-driven environment. Lead the Cyber Security Practice: Provide strategic direction and oversight for security initiatives, ensuring alignment with organizational goals. Develop Automation Solutions: Design and implement automation tools and processes to streamline and enhance security operations. Conduct Security Assessments: Perform comprehensive evaluations, including penetration testing, security code reviews, and threat modeling, to identify and mitigate vulnerabilities. Design Security Architectures: Create and deploy secure architectures for applications, platforms, and cloud environments. Collaborate with Development Teams: Partner with developers to integrate secure coding practices and embed security throughout the development lifecycle. Provide Consultation and Advisory Services: Offer expert cybersecurity guidance to stakeholders across various domains and industries. Stay Current with Trends: Continuously research and adopt the latest security technologies, threats, and best practices. Contribute to the Field: Publish whitepapers, articles, or insights on security trends and best practices to elevate industry knowledge. Qualifications and Skills: Education: Bachelor s degree in computer science, Information Technology, or a related field. Experience: Minimum of 10 years in IT and security, including at least 5 years in a security architect or similar role. Proven track record of performing security assessments (e.g., for 200+ applications). Certifications: Relevant credentials such as Certified Ethical Hacker (CEH), Microsoft Certified Security Architect, or equivalent (e.g., CompTIA Security+, CompTIA PenTest+). Technical Expertise: Strong knowledge of application security, development, and security analysis. Hands-on experience with penetration testing, security code review, design review, static application security testing (SAST), dynamic application security testing (DAST), and threat modeling. Experience with security automation tools and scripting languages (e.g., Python, PowerShell). Soft Skills: Excellent communication and leadership abilities to guide teams and advise stakeholders. Ability to thrive in a fast-paced environment and manage multiple projects concurrently. Passion: A demonstrated commitment to enhancing organizational security posture and resilience in the context of AI, Cloud, Agile, and DevOps.

Masai, in partnership with top academic institutions, is launching an advanced online program in Cyber Security. This program is designed to equip learners including students, working professionals, and career changers with practical, job-ready skills in information security, threat analysis, penetration testing, and governance frameworks. We are seeking experienced Cyber Security professionals to join as Industry Mentors who can bring real-world insights, guide learners through hands-on applications, and bridge the gap between theory and practice. Key Responsibilities: Session Facilitation & Mentorship: Lead live online mentoring sessions focused on real-world applications, tools, and industry case studies. Help learners understand the practical challenges and solutions in Cyber Security domains such as network security, ethical hacking, cloud security, and incident response. Provide career guidance and professional insights to aspiring security professionals. Capstone & Project Review: Guide learners in applying security principles in capstone or portfolio projects. Offer feedback and support to enhance project quality and job-readiness. Industry Integration: Share industry updates, best practices, and emerging trends in Cyber Security. Facilitate Q&A, discussions, and interactive learning experiences. Candidate Requirements: Minimum 5 years of hands-on experience in Cyber Security (e.g., Threat Intelligence, SOC, Security Audits, Pen Testing, Compliance, etc.) Current or former professionals from companies working in Cyber Security, Tech Consulting, Fintech, Government, or Defense are encouraged to apply. Strong communication and mentoring skills. Familiarity with tools and platforms like SIEM, IDS/IPS, Nmap, Burp Suite, Metasploit, Wireshark, and more. Passion for education, mentorship, and upskilling future professionals. Engagement Details: Time Commitment: 2 4 hours per week Location: Remote (online) Compensation: 25K to 75K per month (based on experience and involvement) Why Join Us? Mentor aspiring Cyber Security professionals from diverse backgrounds Share your expertise while contributing to a mission-driven education platform Engage with a flexible, part-time schedule Collaborate with a network of academic and industry leaders Help shape the future of Indias cybersecurity workforce

About the Team: The Fraud Preventions & LEA management team under Risk Operations manages the LEA queries and resolutions through immediate responses and gathering requisite response from different business units within PayU. The team consists of 8-10 members ranging Execs to Sr.Manager level employees who reports in to Head of Investigations. About the Role: The role requires a person to be well versed with the nodal functions of financial sectors and should be able to handle the LEA (Law Enforcement Agencies) queries and represenatations and enhance internal processes to manage the LEA requirements within timlines and develop cordial relationship with multiple LEA’s/Regulatory(MHA, RBI, CBI, CID, Cyber Crime, Stae Police etc.) across india. Responsibilities: Handling daya to day LEA/regulatory enquiries received by Payu through multiple channels/sources and resolve within the timelines as per regulations. Liaising internally within the PayU India organization for collection of data, documents and factual inputs for providing timely and accurate responses within timelines. Good Knowledge about Cybercrime / Financial frauds with Banks/Cards etc. Exp. in handling RBI and Regulatory enquiries/cases. Handling cases relted to Acquiring and issuing banks. Risk monitoring for merchants and suspicion reporting. Dealing with Cyber Police Officials & Banks over phone call and assisting them as per the requirement as point of contact (case to case basis). Dealing with merchants to fetch the details or reolve disputes received through LEA/Regulatory. Daily case closure and reporting tracker update/upload. Requirements: Graduate with experience in same field is preferred. Experience in handling of Cyber crime and other financial frauds of cards misuses etc. Team player, who is eager to develop/learn and work towards team objectives. What we offer? A positive, get-things-done workplace A dynamic, constantly evolving space (change is par for the course – important you are comfortable with this) An inclusive environment that ensures we listen to a diverse range of voices when making decisions. Ability to learn cutting edge concepts and innovation in an agile start-up environment with a global scale Access to 5000+ training courses accessible anytime/anywhere to support your growth and development (Corporate with top learning partners like Harvard, Coursera, Udacity) About us: At PayU, we are a global fintech investor and our vision is to build a world without financial borders where everyone can prosper. We give people in high growth markets the financial services and products they need to thrive. Our expertise in 18+ high-growth markets enables us to extend the reach of financial services. This drives everything we do, from investing in technology entrepreneurs to offering credit to underserved individuals, to helping merchants buy, sell, and operate online. Being part of Prosus, one of the largest technology investors in the world, gives us the presence and expertise to make a real impact. Find out more at www.payu.com Our Commitment to Building A Diverse and Inclusive Workforce As a global and multi-cultural organization with varied ethnicities thriving across locations, we realize that our responsibility towards fulfilling the D&I commitment is huge. Therefore, we continuously strive to create a diverse, inclusive, and safe environment, for all our people, communities, and customers. Our leaders are committed to create an inclusive work culture which enables transparency, flexibility, and unbiased attention to every PayUneer so they can succeed, irrespective of gender, color, or personal faith. An environment where every person feels they belong, that they are listened to, and where they are empowered to speak up. At PayU we have zero tolerance towards any form of prejudice whether a specific race, ethnicity, or of persons with disabilities, or the LGBTQ communities.

Job Title: Application Security Expert - Red Team / Ethical Hacker Department: Information Security / Cybersecurity Reports To: Group CISO Job Summary: The Application Security Expert - Red Team / Ethical Hacker is a critical role responsible for proactively identifying and exploiting security vulnerabilities in our software applications throughout the entire Software Development Life Cycle (SDLC). Operating as a key member of the in-house Red Team, this role will focus on simulating real-world attacks, conducting advanced penetration testing, and providing actionable intelligence to strengthen our overall security posture. Responsibilities: Red Teaming & Attack Simulation: Plan and execute realistic attack simulations against our web, mobile, and desktop applications to identify weaknesses and bypass security controls. Develop and utilize custom exploits, tools, and techniques to mimic the tactics, techniques, and procedures (TTPs) of advanced threat actors. Conduct social engineering campaigns to assess employee awareness and identify potential vulnerabilities. Advanced Penetration Testing: Perform in-depth penetration tests of applications, networks, and systems, using both automated tools and manual techniques. Identify and exploit complex vulnerabilities, including those related to application logic, authentication, authorization, and data handling. Develop detailed penetration test reports with clear and actionable recommendations for remediation. Secure Code Review (Offensive Perspective): Conduct code reviews from an offensive perspective, identifying potential vulnerabilities that could be exploited by attackers. Provide developers with guidance on secure coding practices and vulnerability remediation techniques. Develop and maintain secure coding guidelines and checklists. Vulnerability Research & Exploit Development: Stay up-to-date on the latest security threats, vulnerabilities, and exploit techniques. Conduct vulnerability research to identify new and emerging threats. Develop custom exploits and tools to test and demonstrate the impact of vulnerabilities. SDLC Integration & Security Advocacy: Collaborate with development teams to integrate security testing and red teaming activities into the SDLC. Participate in design reviews and provide security guidance on application architecture and design. Promote a security-conscious culture within the development organization. Vulnerability Management (Validation & Verification): Validate and verify the effectiveness of vulnerability remediation efforts. Retest remediated vulnerabilities to ensure they have been properly addressed. Security Tooling & Automation (Offensive Tools): Evaluate, recommend, and customize offensive security tools and technologies. Automate red teaming and penetration testing processes to improve efficiency and coverage. Required Skills and Qualifications: Education: Bachelor's or Master's degree in Computer Science, Information Security, or a related field. Experience: 8+ years of experience in application security, penetration testing, red teaming, or a related field. Demonstrable experience conducting advanced penetration tests and red team engagements. Strong understanding of web application vulnerabilities (e.g., OWASP Top 10, SANS Top 25). Experience with various penetration testing tools and frameworks (e.g., Metasploit, Burp Suite, Kali Linux). Experience with exploit development and reverse engineering. Technical Skills: Expert proficiency in one or more programming languages (e.g., Python, Java, C, C++). Strong understanding of web application architectures and technologies. Deep understanding of network protocols and security concepts. Familiarity with cloud security principles and practices (e.g., AWS, Azure, GCP). Understanding of authentication and authorization mechanisms. Certifications (Required/Preferred): Offensive Security Certified Professional (OSCP) - Required Certified Ethical Hacker (CEH) - Preferred GIAC Web Application Penetration Tester (GWAPT) - Preferred Offensive Security Certified Expert (OSCE) - Highly Preferred Offensive Security Web Expert (OSWE) - Highly Preferred

Job Summary This role encompasses a broad range of security responsibilities, including advanced offensive security operations, application security reviews, secure code reviews, and implementation of the Secure Software Development Lifecycle (SSDLC). The successful candidate will simulate sophisticated attacks, conduct secure code reviews, and contribute to the development of security tools. Responsibilities also include ensuring cloud security and Kubernetes security. The ideal candidate will possess the ability to conduct offensive security operations and apply their expertise to application security. They will perform threat modeling exercises with an attacker's mindset, leveraging their experience in bug bounty programs and red teaming simulations. The candidate will implement mitigations at the code level and support the Blue Team in improving detection capabilities using SIEM tools. This role requires a unique blend of skills and knowledge across multiple security domains. Job Requirements • Conduct Red Team exercises, simulating APTs in cloud, container, and AD environments. • Develop and execute adversary simulations based on the MITRE ATT&CK framework, focusing on assume breach scenarios. • Simulate attacks on software supply chains and CI/CD pipelines. • Perform in-depth penetration testing (both black-box and white-box) for web applications, APIs, and networks. • Conduct secure code reviews in collaboration with development teams to identify, exploit and implement mitigations on code level. • Integrate security tools and practices into the CI/CD pipeline, emphasizing DevSecOps methodologies. • Conduct threat modeling, design, and architectural reviews to identify potential security risks in the software development lifecycle. • Provide security guidance to development teams, assisting in risk mitigation and secure development practices. • Collaborate with the Blue Team to improve detection capabilities and test defensive measures. • Utilize SIEM tools for incident detection and response, providing insights to enhance monitoring and alerting mechanisms. • Develop and maintain custom security tools and frameworks to automate security testing and monitoring. • Stay informed about emerging threats, attack techniques, and security technologies. Education • Bachelor’s degree in computer science, information security, or a related field (or equivalent experience). • At least 4+ years of experience in offensive security and Application security. • Proven experience in offensive security, with a strong understanding of attack vectors and techniques. • Relevant certifications such as OSWE, OSCP, CRTO, or similar. • Significant contributions to security through Bug bounty programs, CVEs or recognized security research. • Recognized public acknowledgments in security research. • Experience with scripting or programming languages like Python, Go, or Ruby for developing custom attack tools/exploits. • Familiarity with CI/CD tools such as GitHub Actions, Jenkins, or TeamCity. • Knowledge of security practices of cloud computing platforms like AWS, Azure, GCP, as well as k8s.

We are looking for an experienced Application Security Engineer with 23 years of hands-on experience in security testing across web, mobile, API, and cloud environments. You will perform in-depth manual and automated testing, identify vulnerabilities using frameworks like OWASP and NIST, and provide actionable remediation guidance with clear PoCs. This role involves close collaboration with development and DevOps teams to integrate security into the SDLC, support secure coding practices, and contribute to threat simulations and R&D efforts. Strong knowledge of CVSS, MITRE ATT&CK, and scripting skills (Python, Bash) are essential, along with the ability to clearly communicate security findings to both technical and non-technical stakeholders Key Responsibilities: Conduct hands-on security testing of web applications, mobile apps, cloud environments, and APIs, identifying security vulnerabilities based on industry-standard methodologies (e.g., OWASP, SANS, NIST). Evaluate the risk and severity of discovered vulnerabilities using frameworks such as CVSS and document findings with clear Proof-of-Concepts (PoCs), highlighting real-world business impact and custom remediation guidance. Collaborate with development teams to explain vulnerabilities, answer technical queries, and recommend secure coding practices and mitigation strategies. Participate in research and development (R&D) initiatives, including the discovery of new attack vectors, tooling improvements, and security automation. Contribute to secure SDLC processes, including secure design reviews, code reviews alongside DevOps and architecture teams. Assist in conducting threat simulations, adversary emulation, and red team exercises when required. Maintain awareness of emerging threats, CVEs, and vulnerability trends affecting web, mobile, and cloud technologies. Required Skills & Tools 2-3 years of hands-on experience in security testing or penetration testing across web, mobile, API, and/or network layers. Bachelors degree in Computer Science or a related technical field (or equivalent experience). Having published CVEs is considered a strong advantage. Solid knowledge of OWASP Top 10, MITRE ATT&CK, and Secure Coding Guidelines. Strong understanding of manual testing approaches — not just tool-assisted scans. Hands-on experience with reporting, PoC generation, and remediation consulting. Scripting or automation skills in Python, Bash for creating custom tools. Effective communication skills to interact with both technical and non-technical stakeholders.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Information Protection. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: GRC Consulting. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Security Incident Response. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Microsoft Identity Manager. Experience: 5-8 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: PKI - Certificate Management. Experience: 3-5 Years.

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: GRC Process. Experience: 3-5 Years.

As an experienced Application Security Manager, you will play a crucial role in leading our security initiatives to ensure the integrity, confidentiality, and availability of our systems and data. Your responsibilities will involve integrating security tools, standards, and processes into the product life cycle (PLC), training developers and QA personnel on security knowledge, supporting application security tool deployments, and managing periodic penetration testing exercises. You will be tasked with creating, integrating, and managing threat modeling processes/practices, following SSDLC and application framework, as well as managing secure configuration/hardening guidelines and compliance. Additionally, you will need to create and manage application security KPIs, KRIs compliance reports, and dashboards. Your role will also require hands-on experience with tools and processes related to SAST, DAST, API Security, and Threat Modelling. Furthermore, you will oversee Infosec functions by coordinating with various stakeholders such as the App Team, Vendors, Auditors, and Regulators. It is essential to have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST, as well as experience with cloud environments (AWS) and WAF (Imperva, Akamai). Knowledge of Network and Data Security is considered a plus. In terms of qualifications and experience, we are looking for candidates with 8-10 years of hands-on experience in application security. A strong understanding of application security best practices, frameworks, and security technologies is required. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes is essential. Familiarity with regulatory requirements and compliance standards, such as RBI and SEBI, is beneficial. Excellent communication, interpersonal, analytical, and problem-solving skills are important for this role. A Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required, while a Master's degree or relevant certifications are preferred.,

You will be joining NTT DATA, a company that is committed to pushing the boundaries of what is possible. Renowned for technical excellence and leading innovations, we make a difference to our clients and society. Our workplace embraces diversity and inclusion, providing a space where you can grow, belong, and thrive. As a Senior Associate Security Consultant, your role involves developing expertise in your area of specialization. You will be responsible for translating clients" cybersecurity requirements, customizing and implementing security solutions into specific systems, applications, and product designs. Identifying and developing security solutions for clients using company products, outsourced technology solutions, and technical tools will be a key aspect of your role. You will consult with clients on secure product configuration, deployment, and security patches to minimize vulnerabilities. Your key responsibilities will include conducting security assessments, vulnerability scans, and penetration tests, analyzing security data to detect incidents, preparing documentation such as security assessment reports, collaborating with senior consultants to provide advice on security best practices, and staying updated on cybersecurity threats and industry best practices. Additionally, you will assist in evaluating client systems for compliance with industry standards and regulatory requirements while communicating effectively with clients to understand their security needs. To excel in this role, you should have a strong interest in cybersecurity, knowledge of basic cybersecurity concepts and best practices, familiarity with security tools, excellent analytical and problem-solving skills, effective communication skills, and the ability to work collaboratively in a team environment. You should also be eager to stay informed about the evolving cybersecurity landscape. Academic qualifications required for this role include a Bachelor's degree or equivalent in Information Technology, Computer Science, Engineering, or a related field, along with industry-relevant certifications such as CISSP, CISM, CEH, GSEC, or CompTIA Security+. You should have a moderate level of demonstrable experience in the Information Technology Security Industry or a relevant role, experience with security architecture design principles, industry compliance, and standards. This role offers a hybrid working environment and an opportunity to be part of a global innovator in business and technology services. NTT DATA is committed to helping clients innovate, optimize, and transform for long-term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation, and management of applications. NTT DATA is dedicated to creating a sustainable digital future and is part of the NTT Group headquartered in Tokyo. NTT DATA is an equal opportunity employer.,

As a Cybersecurity Trainer at Clinilaunch Research Institute in Bangalore, you will be responsible for delivering engaging and comprehensive training across various cybersecurity courses. With 3-5 years of experience, you will guide students through foundational and advanced cybersecurity topics, hands-on labs, and exam preparation for industry-recognized certifications. Your key responsibilities will include conducting training on Ethical Hacking, Network Security, Penetration Testing, Cybersecurity Risk Management, and Security Operations. Collaborating with the curriculum development team, you will enhance training content and methodologies. Assessing student progress and providing constructive feedback will be crucial in your role. To excel in this position, you must hold a Certified Ethical Hacker (CEH) certification from EC-Council and demonstrate proven experience as a cybersecurity trainer. Strong communication and presentation skills, along with in-depth knowledge of cybersecurity practices, are essential qualifications. Preferred certifications from EC-Council include Certified Network Defender (CND), Certified Chief Information Security Officer (C|CISO), Certified Security Analyst (ECSA), Certified Incident Handler (ECIH), and Certified Disaster Recovery Professional (CDRP). Your expertise in network security, ethical hacking, and threat intelligence, coupled with hands-on experience in tools like Kali Linux, Metasploit, and Wireshark, will be advantageous. As a passionate educator, you will simplify complex technical concepts for non-technical audiences and mentor aspiring cybersecurity professionals to prepare them for successful careers in the field. Your work will be on-site at Clinilaunch Research Institute in Bangalore, providing a conducive environment for professional growth and development. Stay updated on the latest cybersecurity trends, threats, and technologies to ensure the highest quality of training delivery.,

The primary responsibility in the role of L3-Information Security involves managing organizational practices related to Vulnerability Assessment, Infrastructure Penetration Testing (Cloud/Traditional DC), Configuration Review, and Red Teaming. As a part of the role, you will be expected to lead the team in delivering Vulnerability Management operations efficiently. Your duties will include conducting penetration testing based on scheduled activities and responding to on-demand requests for Infrastructure Vulnerability Assessment. You will also be responsible for performing Vulnerability Assessment and Penetration Testing on Cloud Environments such as AWS, GCP, and Azure. Additionally, conducting configuration reviews based on the calendar activities and responding to on-demand requests for server, database, and network components will be a part of your responsibilities. As part of this role, you will need to identify critical vulnerabilities and propose workarounds. You will be required to explain vulnerabilities to system owners, provide recommendations for mitigation, monitor the progress of vulnerability mitigations, and keep track of remediation efforts. Providing advisory support to the internal IT team for closing identified vulnerabilities during security testing will also be expected. To excel in this position, you should stay updated on the latest trends in tools and technologies used for application security. Developing Proof of Concepts (POCs) to demonstrate security issues will also be a key aspect of this role. In terms of qualifications, a B.Tech, B.E, MCA, or equivalent degree from a recognized university is required. Candidates should have a minimum of 8 years of experience in a similar role. Preferred certifications include OSCP and EC-Council LPT, while hands-on experience with popular security tools like Nessus, Metasploit, and KALI Linux is essential. Additionally, working knowledge of CIS Security benchmarks and practical experience in auditing various operating systems, databases, networks, and security technologies will be beneficial for this position.,

As an Attack Surface Reduction Analyst at H&M, you will play a crucial role in identifying potential security risks and vulnerabilities within the organization's systems, applications, and networks. Your responsibilities will include conducting comprehensive vulnerability assessments and penetration tests, utilizing industry-standard tools to identify weaknesses in our attack surface, and collaborating with cross-functional teams to prioritize and remediate vulnerabilities in a timely manner. Additionally, you will be involved in managing third-party penetration testing engagements, developing security policies and procedures, and staying up to date with the latest cybersecurity trends. To excel in this role, you should possess a Bachelor's degree in computer science, information security, or a related field, along with 3-5 years of experience in vulnerability scanning, vulnerability management, and penetration testing. Strong knowledge of common vulnerabilities, security best practices, and industry frameworks such as NIST, OWASP, and CIS is essential. Proficiency in using industry-standard vulnerability assessment and penetration testing tools, effective communication skills, and relevant certifications like SANS, OSCP, or CompTIA Security+ are also advantageous. At H&M, we value our employees and offer attractive benefits, extensive development opportunities, and a vibrant work culture. If you are looking to grow your career in a supportive and inclusive environment, we encourage you to join our team. Please apply by submitting your CV in English through SmartRecruiters or our career page before the 30th of June 2025. We look forward to welcoming you on board in August 2025.,

Security Analyst Req number: R5734 Employment type: Full time Worksite flexibility: Onsite Who we are CAI is a global technology services firm with over 8,500 associates worldwide and a yearly revenue of $1 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise. Job Summary We are looking for a motivated Security Analyst ready to take us to the next level! If you understand ISMS, Information Security, Vulnerability Management and are looking forward to your next career move, apply now. Job Description We are looking for a Security Analyst . This position will be full-time and Onsite Gurugram. What You’ll Do Ensure compliance with security standards and frameworks (e.g., ISO 27001). Assist in the development and enforcement of internal security policies and procedures. Conduct regular audits to ensure compliance with established security protocols and guidelines. Coordination with relevant stakeholders to identify, assess, and prioritize security vulnerabilities across systems and networks. Coordinate in performing vulnerability assessments and penetration testing to ensure system defense are robust. Collaborate with IT teams to recommend and implement patches, fixes, or configuration changes to address vulnerabilities. Continuously monitor network traffic, security logs, and systems for any signs of security breaches or irregularities. Maintain and manage security tools (e.g. Next gen AV, EDR, SIEM). Educate employees on information security best practices, including secure password policies and safe internet use. What You'll Need 3+ years of experience in a Security Analyst or related role. Hands-on experience with security monitoring, vulnerability management, and incident response. AV, EDR/XDR, SIEM, Network protocol. Incident Response. Vulnerability Assessment. Familiar with the Secure SDLC Framework. Strong analytical and problem-solving skills. Excellent understanding of network protocols (TCP/IP, DNS, HTTP, etc.). Experience with vulnerability management and penetration testing tools. Familiarity with risk management and compliance requirements. Windows/Linux administration. Conduct regular system scans, security checks, and updates to ensure the security tools are functioning optimally. Provide guidance on handling sensitive data and maintaining security hygiene. Document security incidents, investigations, and actions taken for compliance and future reference. Contribute to risk assessments and assist in the identification of key risk areas for the organization. Investigate security incidents, respond promptly, and report findings to the management team. Physical Demands Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc. Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor. Reasonable accommodation statement If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to application.accommodations@cai.io or (888) 824 – 8111.

We are seeking an experienced and dynamic Cybersecurity Trainer to join our team. The ideal candidate will be responsible for delivering high-quality cybersecurity training to individuals and groups, ensuring they gain the knowledge and skills necessary to thrive in a fast-paced and ever evolving digital landscape. You will be responsible for creating and delivering engaging training materials, hands-on labs, and real-world scenarios to effectively educate participants on essential cybersecurity principles and practices. Diam massa vulputate ut tempus viverra sed ac. Amet faucibus non nulla id adipiscing. Aliquam sit parturient amet, sagittis. Urna, dictum volutpat dapibus pharetra massa felis. Convallis duis suspendisse luctus amet ultricies at leo, nulla. Consectetur porta cras etiam bibendum sed lobortis aenean lectus. Key Responsibilities Conduct engaging, informative, and hands-on cybersecurity training sessions for individuals or groups, either in-person or remotely. Curriculum Development Develop and update comprehensive training materials, including presentations, guides, lab exercises, and assessments on various cybersecurity topics such as threat analysis, network security, ethical hacking, encryption, risk management, etc. Skill Development Teach and assess participants' knowledge and practical skills in areas like network security, cybersecurity fundamentals, penetration testing, firewalls, vulnerability management, and incident response. Real-World Application Integrate real-world scenarios and case studies into training sessions to enhance learning and provide practical understanding. Performance Tracking Evaluate participant progress through assessments and feedback, and track learning outcomes. Continuous Improvement Stay updated with the latest cybersecurity trends, tools, and technologies and incorporate them into the training programs. Technical Support Provide ongoing technical support and guidance to participants as they apply learned concepts in real-world situations. Certification Preparation Assist participants in preparing for leading cybersecurity certifications (e.g., CompTIA Security+, CISSP, CEH, etc.). Training Customization Customize training sessions for different levels of experience, from beginners to advanced professionals. Educational Qualifications Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience). Relevant cybersecurity certifications (CISSP, CISM, CEH, CompTIA Security+, etc.) preferred. Experience Training Delivery Minimum of 3 years of experience in cybersecurity roles such as network security, ethical hacking, or information security. Proven experience in delivering cybersecurity training or workshops is a strong plus. Technical Skills Training Delivery In-depth knowledge of cybersecurity concepts, tools, and technologies (e.g., firewalls, IDS/IPS, encryption, VPNs, vulnerability scanning). Hands-on experience with cybersecurity platforms and tools like Wireshark, Kali Linux, Metasploit, Splunk, etc. Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001). Teaching & Communication Skills Training Delivery Strong presentation and communication skills, with the ability to explain complex topics clearly and effectively to diverse audiences. Patience and the ability to simplify difficult concepts for beginners. Ability to adapt training delivery to different learning styles (visual, auditory, kinesthetic). Personal Skills Training Delivery Analytical and problem-solving abilities. Strong organizational skills with the ability to manage multiple training programs simultaneously. Continuous learner, committed to staying ahead in the ever-changing cybersecurity field. Travel Requirements Training Delivery Travel to training locations across cities/states as per schedule (sometimes on short notice). Travel and accommodation expenses will be covered or reimbursed as per company policies. Training duration at client sites may range from 1 day to 2 weeks. Travel Requirements Training Delivery Travel to training locations across cities/states as per schedule (sometimes on short notice). Travel and accommodation expenses will be covered or reimbursed as per company policies. Training duration at client sites may range from 1 day to 2 weeks. What We Offer Training Delivery Competitive salary + travel allowance + performance incentives A dynamic and growth-focused work environment Opportunities to work with reputed academic and corporate partners Ongoing learning & upskilling support

Hiring Application Security Exp: 5+ Years Notice Period : Preferring Immediate Joiners - 30 Days(If Serving and have LWD Confirmation) - Candidate who are in bench or not serving notice period dont apply Location: Marathahalli-Bangalore Mode Of Work : Hybrid Mandatory Skills Required : Application Security,Penetration Testing,SAST,DAST,IT Risk Assesment, Hands-on experience in penetration testing and tools like Apisan, WebInspect, Fortify, AppSpider, BurpSuite, Qualys, Checkmarx, Coverity CEH/SSCP/OSCP certified. Mode of interview - 1st technical virtual & 2nd technical face to face in Marathahalli - Bangalore location - If you're available for face to face discussions on weekdays - Apply for this role. Interested candidates share your updated resume to suvetha.b@twsol.com

":" Job Description As a Security Engineer , you will assist the information security team in protecting organizational data, systems, and networks. You will gain hands-on experience in various cybersecurity practices, including threat analysis, vulnerability assessment, and incident response. This internship is an excellent opportunity for individuals passionate about cybersecurity and looking to gain real-world experience in a dynamic and fast-paced environment. Key Responsibilities: Assist in monitoring and analyzing security alerts and incidents, responding under supervision. Conduct basic VAPT and report findings to the security team. Familiarity with VAPT tools such as Burp Suite, Nessus, nmap, Metasploit, etc. Research and stay updated on the latest cybersecurity threats, tools, and best practices. Collaborate with cross-functional teams to support security audits and compliance initiatives. Document incident response procedures and other critical processes to ensure best practices are maintained. Assist with the deployment and maintenance of security tools and technologies. Preferred Qualifications 1+ Years of experience in Information Security. Relevant coursework or certifications (e.g., CEH, OSCP, CRTP, CompTIA Security+). Familiarity with vulnerability assessment and penetration testing (VAPT) tools. Basic experience with scripting languages (e.g., Python, Bash) for automation tasks. Knowledge of security practices for AI/ML, including model vulnerability and data privacy for LLMs. Experience or participation in bug bounty programs or Capture the Flag (CTF) competitions.

Job Title: Mobile Application Security Lead (AppSec) Location: Mumbai Experience Required: 4 5 Years Job Type: Full-time, On-site Job Overview: Talakunchi Networks Pvt Ltd is seeking a skilled and motivated Mobile Application Security Lead to oversee and deliver comprehensive security assessments across Android and iOS platforms. The ideal candidate will have a strong background in mobile app penetration testing and will serve as both a technical lead and client-facing expert, ensuring high-quality delivery across multiple engagements. Key Responsibilities: Lead and execute mobile app security testing for Android and iOS platforms. Perform both automated and manual penetration testing including: Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) Runtime instrumentation and analysis Reverse engineer APKs/IPAs to identify vulnerabilities such as hardcoded secrets and logic flaws. Identify and report security issues based on OWASP Mobile Top 10, insecure storage, transport layer issues, and platform-specific flaws. Use advanced tools: Frida, Objection, MobSF, Burp Suite, Jadx, APKTool, Xposed, Postman, etc. Prepare detailed technical reports with: Risk ratings (CVSSv4/custom) Proof of Concept (PoC) Practical remediation recommendations Interact with client-side stakeholders such as AppDev, QA, and InfoSec teams. Review and validate deliverables prepared by junior team members. Assist in pre-sales efforts: scope definition, effort estimation, and technical discussions. Mentor and train junior security analysts in mobile AppSec practices. Stay up-to-date with the latest mobile vulnerabilities, trends, and tools. Required Skills: Strong understanding of mobile security architecture, Android/iOS internals, and sandboxing In-depth knowledge of OWASP Mobile Top 10 and MASVS Proficient in tools such as: Frida, Objection, Burp Suite, MobSF, Charles Proxy, APKTool, Jadx Postman/Insomnia for API testing Experience with Jailbreaking/Rooting, SSL pinning bypass, and secure coding practices Familiarity with software development life cycle (SDLC) and CI/CD environments Experience in ticketing systems like Jira, ServiceNow, etc. Preferred Certifications: CEH eMAPT eWPTXv2 Bonus Points For: Knowledge of mobile CI/CD security pipeline Familiarity with banking/fintech security standards (RBI, PCI DSS, etc.) Experience in effort estimation and VAPT project planning

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities As part of the Infosys delivery team, your primary role would be to ensure effective Design, Development, Validation and Support activities, to assure that our clients are satisfied with the high levels of service in the technology domain. You will gather the requirements and specifications to understand the client requirements in a detailed manner and translate the same into system requirements. You will play a key role in the overall estimation of work requirements to provide the right information on project estimations to Technology Leads and Project Managers. You would be a key contributor to building efficient programs/ systems . If you think you fit right in to help our clients navigate their next in their digital transformation journey, this is the place for you! Additional Responsibilities: Job Opening is for multiple locations- Bangalore, Hyderabad, Trivandrum, Chennai, Pune Technical and Professional Requirements: Security testing with 3-10 years exp - SAST/DAST/API, Network, Mobile Security/DevSecops/Cloud Security/Threat Modelling/Vulnerability Management/Logging & Audit/GRC/Security Operations/IAMSkills Required - Security Testing--Primary skills:Application Security,Application Security-Burpsuite,Application Security-Devsecops,Application Security-Ethical Hacking(CEH),Application Security-Nessus,Application Security-SSL(Secure Sockets Layer),Application Security-Threat Modeling,Application Security-Vulnerability Assessment/Penetration Testing,Application Security-Vulnerability Management,Application Security-Web Security,Application Security-Webservices Security,Security testing-Vulnerability testing,Technology-Application Security-Vulnerability Management-Qualys,Mobile Testing-Mobile Security Testing Preferred Skills: Technology-Application Security-Application Risk Profiling Threat Modeling Technology-Application Security-Ethical Hacking Technology-Application Security-Mobile Application Security Technology-Application Security-Penetration Testing (Black/White/Grey Box Testing) Technology-Application Security-Vulnerability Management Technology-Mobile Testing-Mobile Security Testing Technology-Security Testing-Security Testing - ALL Technology-Infrastructure Security-Secure Web Gateway-TrendMicro Interscan web security Virtual appliance

Job Description: Responsibilities Test Planning: Develop comprehensive test plans for IT infrastructure projects, including networks, servers, cloud services, and data centers. Define testing objectives, scope, resources, and timelines. Align testing goals with business objectives and technical requirements. Test Strategy Development: Create detailed test strategies covering performance, scalability, security, load, and disaster recovery testing. Plan for both manual and automated testing of IT infrastructure components. Test Execution: Oversee the execution of various tests, such as network stress testing, server load balancing, disaster recovery scenarios, and penetration testing. Coordinate with network engineers, system administrators, and other IT professionals during the testing process. Risk Management: Identify risks early in the process and create mitigation plans. Ensure that the infrastructure is resilient to failures and capable of recovering from disaster scenarios. Reporting and Documentation: Generate test reports and provide detailed documentation of findings, issues, and suggestions for improvements. Track testing progress and outcomes for stakeholders. Collaboration with Stakeholders: Work closely with infrastructure architects, system admins, network engineers, and business units to understand requirements and ensure that the infrastructure is designed for performance, security, and reliability. Act as the bridge between the development team and operations team. Continuous Improvement: Continuously evaluate test processes and tools to improve efficiency. Stay updated on the latest trends and technologies in IT infrastructure testing. Skills and Qualifications: Technical Skills: In-depth understanding of IT infrastructure (servers, networking, cloud platforms, storage, databases, etc.). Knowledge of networking protocols, security testing tools, and methodologies (e.g., penetration testing, vulnerability scanning). Experience with IT Infrastructure Tools: Familiarity with configuration management tools (e.g., Ansible, Puppet, Chef). Experience with cloud platforms like AWS, Azure, or Google Cloud. Experience with system monitoring tools (e.g., Nagios, SolarWinds, Zabbix). Soft Skills: Strong leadership and team management skills. Excellent communication skills to interact with both technical and non-technical stakeholders. Problem-solving ability, especially when diagnosing issues with complex infrastructure systems. Certifications (optional but helpful): ISTQB Certified Tester (Foundation or Advanced Level). Certified Cloud Practitioner (AWS, Azure, or Google Cloud). CompTIA Network+ or other relevant IT infrastructure certifications. Challenges in the Role: Ensuring the infrastructure is scalable and flexible enough to accommodate future growth and unforeseen workloads. Managing the complexity of diverse systems (cloud, on-premises, hybrid environments) and ensuring thorough integration testing. Staying on top of evolving security threats and ensuring infrastructure is resilient against cyber-attacks. Tools and Frameworks: Automation Tools: Jenkins , GitLab CI/CD : For automating the testing pipelines. Ansible , Chef , Puppet : For automating infrastructure configurations. Performance Testing Tools: JMeter , LoadRunner : For load and performance testing of the infrastructure. Network Testing Tools: Wireshark , iperf : For monitoring network traffic and throughput. Cloud Testing Tools: AWS CloudWatch , Azure Monitor : To monitor the health and performance of cloud resources.

The Product Security Architect is responsible for providing application and system level security expertise and mentoring to IA products. As an integral member of our global product security community, support product security activities aligned to the Secure Development Lifecycle process across Aero products. YOU MUST HAVE: Bachelor s degree or equivalent work experience in Cyber Security or Information Technology 6+ years experience in Cyber Security. Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders Knowledge of secure software development lifecycle Basic Applied Cryptography knowledge, which includes encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management. Proficiency in Microsoft threat modeling tool, and reviewing vulnerability assessment Product architecture and development background Software engineering or development experience Secure software development lifecycle experience Knowledge of penetration testing Familiarity of security regulations and standards Understanding of Agile software development practices. WE VALUE: Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling. Information Security accreditation (CISSP/CSSLP or other security related certifications) Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools YOU MUST HAVE: Bachelor s degree or equivalent work experience in Cyber Security or Information Technology 6+ years experience in Cyber Security. Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among stakeholders Knowledge of secure software development lifecycle Basic Applied Cryptography knowledge, which includes encryption algorithms, Public Key Infrastructure (PKI), Secure boot and Open-source risk management. Proficiency in Microsoft threat modeling tool, and reviewing vulnerability assessment Product architecture and development background Software engineering or development experience Secure software development lifecycle experience Knowledge of penetration testing Familiarity of security regulations and standards Understanding of Agile software development practices. WE VALUE: Understanding DevsecOps and have a good working understanding of tooling specific to CI/CD pipelines and security tooling. Information Security accreditation (CISSP/CSSLP or other security related certifications) Experience with widely used security tools like SD Elements, BlackDuck Hub, Microsoft Threat modeling tool, SAST (Coverity, SonarQube), DAST (Burp, ZAP, AppSpider), Fuzzing, Vulnerability management and continuous monitoring tools Lead efforts with the development teams to manage product risk and apply the appropriate security controls Drive best in class security requirements into product and service offerings. Provide architecture and best practices guidance in building secure Honeywell products. Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for IA applications. Must have product architecture and development background with Secure software development lifecycle experience. Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Containers, and VMs, through secure configurations and performing periodic security reviews. Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice Lead new initiatives that add value to SDL processes and procedures Lead efforts with the development teams to manage product risk and apply the appropriate security controls Drive best in class security requirements into product and service offerings. Provide architecture and best practices guidance in building secure Honeywell products. Support product security process activities including threat modeling, security requirements, security reviews, threat vulnerability assessments and risk management for IA applications. Must have product architecture and development background with Secure software development lifecycle experience. Understanding of security by design principles and architecture level security concepts up to date knowledge of current and emerging security threats and techniques for exploiting security vulnerabilities Containers, and VMs, through secure configurations and performing periodic security reviews. Lead efforts in mentoring and training the engineering development community and facilitate adoption of shift-security-to-left practice Lead new initiatives that add value to SDL processes and procedures