1538 Penetration Testing Jobs - Page 7

RESPONSIBILITIES Perform penetration testing and vulnerability assessments on web, API, and mobile applications to identify security weaknesses Create new testing methods to identify vulnerabilities. Pinpoint methods and entry points that attackers may use to exploit vulnerabilities or weaknesses. Search for weaknesses in common software, web applications, and proprietary systems. Document and communicate findings as per ASVS checklist, risks, and recommendations in detailed reports for technical and non-technical stakeholders Review and provide feedback for information security fixes. Establish improvements for existing security services, including hardware, software, policies, and procedures. Identify areas where improvement is needed in security education and awareness for users. Be sensitive to corporate considerations when performing testing (i.e. minimize downtime and loss of employee productivity). Stay updated on emerging threats, security trends, and best practices in cybersecurity to improve testing methodologies REQUIRED 3-6 years of Security Vulnerable, Exploitation, and Penetration testing experience. Experience with OWASP testing Guide / Open-Source Security Testing Methodology Manual Experience deploying enterprise security testing solutions. Familiarity with Secure Development Lifecycle practices and Agile development with Continuous Delivery / Integration. Advanced understanding of security concepts and security best practices Understanding and familiarity with common code review methods and standards Experience with performing penetration testing and risk assessments against computer networks Background with Qualys, Tenable, and OpenVAS Vulnerability Scanners Ability to think analytically. Knowledge of technical systems and terminology. Proficiency in scripting languages. Ability to identify and exploit vulnerabilities. GOOD TO HAVE Relevant industry certifications like CEH, GPEN, OSCP, OSCE, CRTO, CRTP, PNPT, and experience working with frameworks like MITRE ATT&CK/D3FEND) and security-related legal and regulatory requirements (ISO 27001, NIST, PCIDSS etc.). Strong problem-solving skills and leadership abilities, with good interpersonal skills to build relationships and communicate findings professionally, with fluency in written and spoken English.

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Saviynt Identity Platform Good to have skills : Identity Access Management (IAM)Minimum 3 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting the implementation of cloud security controls, and facilitating the transition to cloud security-managed operations. You will engage in discussions to refine security strategies and ensure compliance with industry standards, all while adapting to the evolving landscape of cloud technologies and security threats. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Conduct regular assessments of cloud security measures to ensure effectiveness and compliance.- Collaborate with cross-functional teams to integrate security best practices into cloud operations. Professional & Technical Skills: - Must To Have Skills: Proficiency in Saviynt Identity Platform.- Good To Have Skills: Experience with Identity Access Management (IAM).- Strong understanding of cloud security principles and frameworks.- Experience in designing and implementing security controls in cloud environments.- Familiarity with regulatory requirements and compliance standards related to cloud security. Additional Information:- The candidate should have minimum 3 years of experience in Saviynt Identity Platform.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Evaluate and recommend new security technologies and practices to improve the cloud security framework. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Strong understanding of cloud security principles and best practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance requirements related to cloud security.- Ability to assess and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 5 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 10 years full time education is required. Qualification 15 years full time education

Fynd is India s largest omnichannel platform and a multi-platform tech company specialising in retail technology and products in AI, ML, big data, image editing, and the learning space. It provides a unified platform for businesses to seamlessly manage online and offline sales, store operations, inventory, and customer engagement. Serving over 2,300 brands, Fynd is at the forefront of retail technology, transforming customer experiences and business processes across various industries. At Fynd, we re looking for an Offensive Security Engineer to lead red teaming and penetration testing efforts across our digital ecosystem. You ll simulate real-world attacks, identify complex vulnerabilities, and partner with teams to strengthen our security posture from product design to production. This role is ideal for engineers passionate about adversary emulation, building tools, and driving secure innovation at scale. What will you do at Fynd Conduct deep-dive penetration testing and red team simulations on web, mobile, cloud, APIs, and thick client systems. Perform proactive threat modeling during product development to identify design-stage risks. Build custom scripts/tools and automate offensive security workflows. Report technical findings with clear, actionable remediation strategies. Collaborate with engineering and product teams to embed offensive security into the SDLC. Stay updated on latest threat techniques, CVEs, exploits, and red team tooling. Some more requirements 5+ years in offensive security, penetration testing, or red teaming. Experience with OWASP Top 10, ASVS, MITRE ATT&CK, and threat modeling frameworks. Hands-on with cloud platforms (AWS/GCP/Azure), thick clients, and secure app architecture. Proficiency in scripting (Python, Go, Bash) and tools like Burp Suite, ZAP, Metasploit, Cobalt Strike. Strong communication and reporting skills for both technical and business audiences. Additional Skills Experience in ecommerce or AI/ML-driven platforms. Prior work in vulnerability research, CVE publication, or exploit development. Certifications: OSCP, OSWE, OSEP, CRTO or cloud security certs. Contributions to open-source tools, blogs, or conferences in the infosec community. What do we offer Growth Growth knows no bounds, as we foster an environment that encourages creativity, embraces challenges, and cultivates a culture of continuous expansion. We are looking at new product lines, international markets and brilliant people to grow even further. We teach, groom and nurture our people to become leaders. You get to grow with a company that is growing exponentially. Flex University : We help you upskill by organising in-house courses on important subjects Learning Wallet: You can also do an external course to upskill and grow, we reimburse it for you. Culture Community and Team building activities Host weekly, quarterly and annual events/parties. Wellness Mediclaim policy for you + parents + spouse + kids Experienced therapist for better mental health, improve productivity & work-life balance We work from the office 5 days a week to promote collaboration and teamwork. Join us to make an impact in an engaging, in-person environment!

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Develop and maintain comprehensive documentation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Good To Have Skills: Experience with cloud security frameworks and compliance standards.- Strong understanding of identity and access management principles.- Experience with security incident response and risk management.- Familiarity with cloud service providers and their security offerings. Additional Information:- The candidate should have minimum 7.5 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Infrastructure Security Vulnerability Management Operations Good to have skills : NAMinimum 7.5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and overseeing the transition to cloud security-managed operations. You will engage in strategic discussions to align security measures with organizational objectives, ensuring a robust security posture in the cloud environment. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Facilitate training sessions to enhance team knowledge on security best practices.- Conduct regular assessments of security frameworks to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in Infrastructure Security Vulnerability Management Operations.- Strong understanding of cloud security principles and practices.- Experience with risk assessment methodologies and tools.- Ability to design and implement security controls in cloud environments.- Familiarity with compliance frameworks such as ISO 27001, NIST, or GDPR. Additional Information:- The candidate should have minimum 7.5 years of experience in Infrastructure Security Vulnerability Management Operations.- This position is based at our Bengaluru office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : Omada Identity Cloud Good to have skills : NAMinimum 12 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to document the implementation of cloud security controls and facilitating the transition to cloud security-managed operations. You will engage in discussions to align security strategies with organizational objectives, ensuring that all security measures are effectively integrated into the cloud environment. Your role will also require you to stay updated on the latest security trends and technologies to enhance the overall security posture of the organization. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Expected to provide solutions to problems that apply across multiple teams.- Facilitate training sessions to enhance team knowledge and skills in cloud security.- Conduct regular assessments of cloud security measures to identify areas for improvement. Professional & Technical Skills: - Must To Have Skills: Proficiency in Omada Identity Cloud.- Strong understanding of cloud security frameworks and best practices.- Experience with identity and access management solutions.- Familiarity with compliance standards and regulations related to cloud security.- Ability to analyze and mitigate security risks in cloud environments. Additional Information:- The candidate should have minimum 12 years of experience in Omada Identity Cloud.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Engineer Project Role Description : Apply security skills to design, build and protect enterprise systems, applications, data, assets, and people. Provide services to safeguard information, infrastructures, applications, and business processes against cyber threats. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 5 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Engineer, you will apply your security skills to design, build, and protect enterprise systems, applications, data, assets, and people. Your typical day will involve collaborating with various teams to ensure the integrity and security of information systems, while also addressing potential vulnerabilities and implementing effective security measures to safeguard the organization against cyber threats. You will engage in proactive monitoring and assessment of security protocols, ensuring that all systems are fortified against emerging risks and challenges in the cybersecurity landscape. Roles & Responsibilities:- Expected to be an SME.- Collaborate and manage the team to perform.- Responsible for team decisions.- Engage with multiple teams and contribute on key decisions.- Provide solutions to problems for their immediate team and across multiple teams.- Conduct regular security assessments and audits to identify vulnerabilities and recommend improvements.- Develop and implement security policies and procedures to ensure compliance with industry standards. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Experience with identity governance and administration solutions.- Strong understanding of security frameworks and compliance regulations.- Familiarity with risk assessment methodologies and tools.- Ability to analyze security incidents and develop effective response strategies. Additional Information:- The candidate should have minimum 5 years of experience in SailPoint IdentityNow.- This position is based at our Gurugram office.- A 15 years full time education is required. Qualification 15 years full time education

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : 15 years full time education Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development of security policies and procedures to enhance the overall security posture. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Familiarity with regulatory compliance frameworks such as GDPR and HIPAA.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 2 years of experience in SailPoint IdentityNow.- This position is based at our Hyderabad office.- A 15 years full time education is required. Qualification 15 years full time education

Job Title Security Delivery Senior Analyst Management Level: 10 - Senior Analyst Location: Bengaluru Must have skills: Node.js, PostgreSQL, AWS, Azure DevOps, Agile, CI/CD, Strong Communication, Estimation (for level 8/9) Good to have skills: Application Security, AWS Fargate, Google BigQuery Job Summary : The ISD backend developer will be responsible for writing code for the upcoming changes and operational tasks. The application is built in AWS Cloud Native architecture. The application is written in AngularJS, Node.js, both in TypeScript. The developer must be skilled in Node.js, PostgreSQL, AWS and be familiar with agile concepts and automated CI/CD including unit testing. Roles & Responsibilities: The backend developer will be responsible for supporting a custom-built dashboard in AngularJS and Node.js. Level 9/8 developers must prioritize work, estimate work, and assist other developers. The Developer will also take part in future project planning and estimation. Professional & Technical Skills: Technical Experience: The backend developer must be skilled in NodeJS and PostgreSQL and have working knowledge of TypeScript and PostgreSQL. The Developer must also be experienced in Continuous Integration/Continuous Deployment (CI/CD) to automate builds and deployments. Professional Experience: The backend developer must be self-motivated with excellent communication skills. The developer should be able to work with the lead(s) to solve complex development challenges, perform peer/quality reviews and maintain the teams code repository and deployment activities. Additional Information: About Our Company | AccentureQualification Experience: Minimum 4+ years of experience is required Educational Qualification: Any Degree

Project Role : Security Architect Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations. Must have skills : SailPoint IdentityNow Good to have skills : NAMinimum 2 year(s) of experience is required Educational Qualification : BE or MCA or MSc with Good Computer Science Background with good academic record. Summary :As a Security Architect, you will define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Your typical day will involve collaborating with various teams to assess security needs, documenting security controls, and transitioning to cloud security-managed operations, all while ensuring compliance with industry standards and best practices. Roles & Responsibilities:- Expected to perform independently and become an SME.- Required active participation/contribution in team discussions.- Contribute in providing solutions to work related problems.- Engage in continuous learning to stay updated with the latest security trends and technologies.- Assist in the development and implementation of security policies and procedures. Professional & Technical Skills: - Must To Have Skills: Proficiency in SailPoint IdentityNow.- Strong understanding of cloud security principles and practices.- Experience with identity and access management solutions.- Familiarity with security compliance frameworks such as ISO 27001 or NIST.- Ability to analyze and mitigate security risks effectively. Additional Information:- The candidate should have minimum 2 years of experience in SailPoint IdentityNow.- This position is based at our Hyderabad office.- A BE or MCA or MSc with Good Computer Science Background with good academic record is required. Qualification BE or MCA or MSc with Good Computer Science Background with good academic record.

1. Performs all administration, management, configuration, testing, and integration tasks related to the Threat Intel Platform solutions, and associated platforms including content creation and maintenance. 2. Develop information security and incident response workflows, procedures, and best practices and publish them in confluence. 3. Background to AWS, EC2, Kubernetes, and Docker implementation Jenkins, Bitbucket, Vscode/Pycharm, JIRA, etc. 4. Candidate who understands Network infrastructure in terms of cybersecurity. 5. Performing documentation tasks that he has been assigned and updating regularly and publishing it in the confluence folder. 6. Performing Code Review - (Preferred language Python and Ansible) 7. Documentation of changes in confluence 8. Working on service now for Change - management process required for implementation of project.

About the Opportunity In the dynamic cloud security and cybersecurity sector, a leading tech innovator in India is seeking a skilled Cloud Security Engineer to bolster its on-site security operations. This role involves working with advanced cloud solutions to protect critical digital infrastructure, ensuring compliance with industry standards and regulations. You will be part of a proactive, technology-driven team dedicated to safeguarding enterprise assets and driving secure business outcomes. Role & Responsibilities Design, implement, and manage robust cloud security solutions across major cloud platforms (AWS, Azure, GCP). Conduct risk assessments, vulnerability scans, and security audits to identify and mitigate potential threats. Collaborate with engineering and IT teams to integrate secure practices during cloud infrastructure deployments and migrations. Develop and enforce security policies, protocols, and incident response plans aligned with industry standards. Monitor cloud environments continuously, analyze security alerts, and respond promptly to security incidents. Stay updated on emerging threats and evolving cloud security trends, suggesting innovative improvements. Skills & Qualifications Must-Have Proven hands-on experience as a Cloud Security Engineer with a strong background in cloud platforms and security best practices. Deep understanding of security frameworks and regulatory standards (ISO 27001, NIST, GDPR, etc.). Expertise in vulnerability assessment, penetration testing, encryption technologies, and firewall configurations. Experience in developing and executing incident response plans and risk management strategies. Preferred Cloud certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer) to validate your expertise. Knowledge of automation and scripting languages such as Python or PowerShell to streamline security operations. Benefits & Culture Highlights Competitive salary package with performance-based bonuses. A collaborative, inclusive, and innovation-driven work environment. Opportunities for continuous learning and professional growth in a rapidly evolving tech landscape.

Roles & Responsibilities: Consultancy and Support towards Security and compliance controls with respect to various Bosch/Industry regulations Conduct compliance assessments and provide consultation on security frameworks, including ISO 27001:2022. Engage with stakeholders, including managers, application owners, and technical teams, to assess security controls and document security compliance. Conduct and consult on gap analyses for security policies, controls, and procedures. Assist in developing and maintaining Business Continuity Management Plans (BCMP). Provide guidance on security best practices, including penetration testing, vulnerability scanning, encryption, and backup/storage security. Ensure security documentation is complete, accurate, and up to date. Assist in the implementation of security standards, policies, and regulatory requirements. Follow the roadmap as aligned with customer unit in completion of Policy implementations and controls in the Applications Prepare reports and documentation to demonstrate compliance with relevant standards Ensure the customer KPIs, quality and deliverables are met Skills: Know-how in IT systems Experience in Application Management Processes, Governance and Policies Knowledge of security concepts, including penetration testing, vulnerability scanning, encryption, backup and storage security, business continuity management, and application security. Overview and Experience in Information, Project, IT Security and/or IAM and GRC Processes Work experience with GRC tools will be an added advantage Good working knowledge in MS office (Excel, word and PPT). Knowhow in excel functions (E. g. , Pivot table, charts , lookup functions, etc. , ) Professional oral and written communication skills Know-how on ITIL service management processes will be an added advantage Should be a good team player, flexible and deadline oriented Good verbal and written communication in English and German

Roles & Responsibilities: Consultancy and Support towards Security and compliance controls with respect to various Bosch/Industry regulations Conduct compliance assessments and provide consultation on security frameworks, including ISO 27001:2022. Engage with stakeholders, including managers, application owners, and technical teams, to assess security controls and document security compliance. Conduct and consult on gap analyses for security policies, controls, and procedures. Assist in developing and maintaining Business Continuity Management Plans (BCMP). Provide guidance on security best practices, including penetration testing, vulnerability scanning, encryption, and backup/storage security. Ensure security documentation is complete, accurate, and up to date. Assist in the implementation of security standards, policies, and regulatory requirements. Follow the roadmap as aligned with customer unit in completion of Policy implementations and controls in the Applications Prepare reports and documentation to demonstrate compliance with relevant standards Ensure the customer KPIs, quality and deliverables are met Skills: Know-how in IT systems Experience in Application Management Processes, Governance and Policies Knowledge of security concepts, including penetration testing, vulnerability scanning, encryption, backup and storage security, business continuity management, and application security. Overview and Experience in Information, Project, IT Security and/or IAM and GRC Processes Work experience with GRC tools will be an added advantage Good working knowledge in MS office (Excel, word and PPT). Knowhow in excel functions (E. g. , Pivot table, charts , lookup functions, etc. , ) Professional oral and written communication skills Know-how on ITIL service management processes will be an added advantage Should be a good team player, flexible and deadline oriented Good verbal and written communication in English and German

We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you ll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes. Key Responsibilities: Perform manual and automated penetration testing across: Web Applications (based on OWASP Top 10) Infrastructure (external/internal IPs, firewall review, patch audits) Cloud Environments (basic Azure/AWS IAM, Storage, Networking) Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures Use tools such as Burp Suite , Nmap , SQLMap , Nikto , Nessus/OpenVAS Write high-quality, detailed technical reports with: Screenshots for PoCs Remediation guidance Risk severity scoring (preferably CVSSv3 ) Collaborate with clients to explain findings and provide actionable recommendations Contribute to toolchain improvements and lightweight automation (Python/Bash preferred)

As a Security Testing professional at Lexmark India, you will be part of a dynamic team dedicated to ensuring the security of our software products. You will have the opportunity to utilize your technical expertise to conduct web application security assessments and penetration tests. Your role will involve assessing applications for various security issues such as Authentication, Authorization, User management, Session management, Data validation, and common attacks like SQL injection, Cross-site scripting, and Command injection. Additionally, you will evaluate the security aspects of Web Services design and implementation, focusing on confidentiality, integrity, trust relationships, and authentication using security standards like XML signatures, XML encryption, SAML, and WS-Security. Your responsibilities will extend to thick client assessment, writing formal security assessment reports, and participating in client conference calls for data gathering and technical issue advisory. To excel in this role, you should possess hands-on experience with tools like Fiddler, Paros, Burp, Sqlmap, Nikto, Nmap, Openssl, Mallory, Wireshark, and have familiarity with mobile application development and assessment for platforms such as iOS, Android, and Windows. Knowledge of web application development languages like C#, Java, PHP, ASP.NET, scripting languages like Python, JavaScript, Ruby, SQL, and reviewing code in languages such as C, C++, Java, PHP, C#, ASP.NET, Go is essential. Moreover, expertise in automated source code analysis tools like Acunetix, Appscan, and certifications such as OSCP or CEH will be advantageous. Proficiency in version control software like git and Subversion, along with a demonstration of Lexmark core values including Innovation, Excellence, Agility, Integrity, Community, and Respect, will further enhance your suitability for this role. If you are a self-starter with a strong aptitude, analytical skills, and a passion for technology, and have 3 to 5 years of application security testing experience, then we encourage you to apply for this exciting opportunity with Lexmark India. Join us in our mission to deliver first-class products and solutions to our global customers. Apply now and showcase your innovative spirit with a renowned technology leader.,

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Preferred candidate profile : Cyber Security Assessment & Consulting,Manual Penetration Testing using OWASP checklists,OWASP Top 10,OWASP ZAP,Static Code analysis,Static/dynamic testing of mobile applications,Vulnerability Assessment Location : Bangalore Immediate joiner to 15 days only Role & responsibilities Performed Application Security Testing, Cloud Security Testing. Review Reports. Stakeholder management. Thanks and regards, Ankita

Let s do this. Let s change the world. In this vital role you will Guide and support junior team members by offering technical advice, conducting code reviews, and sharing knowledge to promote their professional development. Perform security testing (e.g., penetration testing, code reviews) and ensure continuous security monitoring across the organization s IT landscape. Identify vulnerabilities in networks, systems, applications, and infrastructure through hands-on penetration testing. Attempt to exploit discovered vulnerabilities to demonstrate their impact and prove their existence (e.g., retrieving sensitive data, elevating user privileges, or gaining access to admin functionality). Perform assessments on web applications, cloud environments, and network infrastructure. Use automated tools and manual techniques to identify security weaknesses. Conduct advanced post-exploitation tasks to simulate real-world attack scenarios. Work with third-party security vendors for audits, product testing, and external assessments when required. Use automated tools (e.g., Burp Suite, OWASP ZAP, or Acunetix) to identify common vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and others. Document identified vulnerabilities in detail, explaining how they were found, their severity, and their potential impact. Include proof-of-concept (PoC) for critical vulnerabilities. Offer actionable, practical solutions for fixing the vulnerabilities, such as secure coding practices, configuration changes, or security controls. Use risk-based prioritization, categorizing issues by their severity and business impact (e.g., high, medium, low) to help the organization focus on the most critical issues. Continuously learn about the latest vulnerabilities, exploits, and security trends. Present the findings to stakeholders, security teams, and management, explaining the business risk and potential impacts of the vulnerabilities discovered. Familiarity with industry standards and compliance requirements (e.g., PCI-DSS, NIST, ISO 27001) and their relevance to penetration testing. What we expect of you We are all different, yet we all use our unique contributions to serve patients. This role has a strong focus on ensuring the organizations infrastructure, applications, and systems are secure from external and internal threats. This role is responsible for conducting authorized security tests on IT infrastructure to evaluate the strength of its systems against potential cyberattacks. A variety of automated tools and manual techniques are leveraged to simulate real-world attacks. The penetration tester then works with the organization to prioritize, remediate and report on identified issues, strengthening the overall security posture. Basic Qualifications: Bachelor s degree with 6 - 8 years of experience in Computer Science, Cybersecurity or Information Systems related field . Preferred Qualifications: Must-Have Skills: Strong knowledge of common vulnerabilities (e.g., OWASP Top 10, SANS Top 25), network protocols, encryption standards, application security and common penetration testing methodologies (ISSAF, OSSTMM, PTES). Familiarity with tools like Burp Suite, OWASP ZAP and Metasploit. A deep understanding of web application architecture, databases, and authentication mechanisms. Ability to think critically and creatively when testing and attempting to exploit vulnerabilities. Good-to-Have Skills: Experience with threat intelligence and incorporating emerging threats into penetration testing practices Proficiency in scripting and automation (e.g., Python, Bash) is a plus Professional Certifications (please mention if the certification is preferred or mandatory for the role): Preferred: eJPT, eCPPT, eWPT, OSCP, OSWA, GWAPT What you can expect of us As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we ll support your journey every step of the way. In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.

Test Manager -JD mentioned below 6 + Years of experience Band E2 In-depth understanding of IT infrastructure (servers, networking, cloud platforms, storage, databases, etc.). Knowledge of networking protocols, security testing tools, and methodologies (e.g., penetration testing, vulnerability scanning). A Test Engineer for IT Infrastructure is a key role in ensuring that all aspects of IT infrastructure, including hardware, networks, storage, and servers, are thoroughly tested to meet the companys requirements for performance, security, and reliability. The Test Manager is responsible for overseeing testing strategies, planning, execution, and reporting for IT infrastructure projects, ensuring that systems function as intended before they go live. Here s a breakdown of the typical responsibilities and skills required for this role: Responsibilities: Test Planning: Develop comprehensive test plans for IT infrastructure projects, including networks, servers, cloud services, and data centers. Define testing objectives, scope, resources, and timelines. Align testing goals with business objectives and technical requirements. Test Strategy Development: Create detailed test strategies covering performance, scalability, security, load, and disaster recovery testing. Plan for both manual and automated testing of IT infrastructure components. Test Execution: Oversee the execution of various tests, such as network stress testing, server load balancing, disaster recovery scenarios, and penetration testing. Coordinate with network engineers, system administrators, and other IT professionals during the testing process. Risk Management: Identify risks early in the process and create mitigation plans. Ensure that the infrastructure is resilient to failures and capable of recovering from disaster scenarios. Reporting and Documentation: Generate test reports and provide detailed documentation of findings, issues, and suggestions for improvements. Track testing progress and outcomes for stakeholders. Collaboration with Stakeholders: Work closely with infrastructure architects, system admins, network engineers, and business units to understand requirements and ensure that the infrastructure is designed for performance, security, and reliability. Act as the bridge between the development team and operations team. Continuous Improvement: Continuously evaluate test processes and tools to improve efficiency. Stay updated on the latest trends and technologies in IT infrastructure testing. Skills and Qualifications: Technical Skills: In-depth understanding of IT infrastructure (servers, networking, cloud platforms, storage, databases, etc.). Knowledge of networking protocols, security testing tools, and methodologies (e.g., penetration testing, vulnerability scanning). Experience with IT Infrastructure Tools: Familiarity with configuration management tools (e.g., Ansible, Puppet, Chef). Experience with cloud platforms like AWS, Azure, or Google Cloud. Experience with system monitoring tools (e.g., Nagios, SolarWinds, Zabbix). Soft Skills: Strong leadership and team management skills. Excellent communication skills to interact with both technical and non-technical stakeholders. Problem-solving ability, especially when diagnosing issues with complex infrastructure systems. Certifications (optional but helpful): ISTQB Certified Tester (Foundation or Advanced Level). Certified Cloud Practitioner (AWS, Azure, or Google Cloud). CompTIA Network+ or other relevant IT infrastructure certifications. Challenges in the Role: Ensuring the infrastructure is scalable and flexible enough to accommodate future growth and unforeseen workloads. Managing the complexity of diverse systems (cloud, on-premises, hybrid environments) and ensuring thorough integration testing. Staying on top of evolving security threats and ensuring infrastructure is resilient against cyber-attacks. Tools and Frameworks: Automation Tools: Jenkins , GitLab CI/CD : For automating the testing pipelines. Ansible , Chef , Puppet : For automating infrastructure configurations. Performance Testing Tools: JMeter , LoadRunner : For load and performance testing of the infrastructure. Network Testing Tools: Wireshark , iperf : For monitoring network traffic and throughput. Cloud Testing Tools: AWS CloudWatch , Azure Monitor : To monitor the health and performance of cloud resources.

Perform Web Application PT, Mobile Application PT, Network VAPT, Source code review, Wireless pen-testing- Write detailed reports on VAPT findings- Perform and present research on various attack vectors- Perform red teaming activities- Understand client requirements and provide tailored security solutions to address complex security testing and risk assessment needs- Build and maintain efficient working relationships with clients Certifications: Good to have: OSCP, OSWA, PNPT, eJPT, eCPPTv2, CREST and other relevant certifications Education Qualification : BCA / B-Tech / B-Sc Computer Science / B-Sc - Information Security / Cyber Forensics / M-Sc Information Security/ Cyber Forensics- Experience: - Minimum 5 years of relevant security testing experience in : Web application penetration testing Network VAPT, Active Directory penetration testing- Mobile application penetration testing (Android and iOS) and thick client- - Skilled in manual testing and using Burp Suite Pro, WebInspect, Acunetix - Experience in secure code review (manual and automated)- - Good programming skills in any language- - Proficient with OWASP security standards with a deep understanding of common security vulnerabilities - Experience in red teaming activities is a plus- - Good communication skills, especially presentation and technical writing skills- - Excellent analytical and problem-solving skills- Benefits Competitive salary and benefits Medical Insurance - Self & family Parental Support - Maternity Leave Retirement Benefits - PF Contribution Opportunities for professional growth Collaborative and inclusive work environment

What Youll Do We are seeking a highly experienced Principal, Application Security Engineer to lead and evolve our global application security strategy. This role is critical to ensuring our products and platforms are built securely from the ground up and resilient to an evolving threat landscape. You will partner with engineering, product, DevOps, and Security teams to embed security into our SDLC, drive secure coding practices, and influence stakeholders and leaders across the organization. Responsibilities: Develop application security strategies across the global enterprise. Design and implement secure applications and consistently enhance the software development life cycle (SDLC) process. Conduct thorough security assessments, including static and dynamic application security testing (SAST/DAST), threat modeling, web/mobile application and API penetration testing, and application architecture design reviews. Partner with teams such as security operations, DevOps, development, networking, IT, and product teams to remediate issues and ensure a strong security posture. Contribute to the development and automation of security testing tools and processes. Manage third party penetration testing services. Deliver threat modeling training to development teams to consistently enhance product security and reduce risk. Assist with incident response (IR) activities that may relate to application security. What You May Need to be Successful: 7+ years of experience with some combination of application security engineering, threat modeling, penetration testing, web application/API development (.NET/C#, Java, JavaScript), system administration, networking, and information security. Proficiency with web application/API testing, static code analysis, and web application vulnerability scanners. Relevant industry certifications from organizations such as OffSec, SANS, or isc2. Previous technical security engineering role that involved mentorship or training. Effective communication skills and experience with presenting to a technical audience and executive leadership. Work Location: Mumbai/Bangalore (remote) Joining time needed: not exceeding 30 days

Principal Application Security Engineer-First Advantage (Mumbai/Bangalore) Bangalore, Karnataka, India Play Video Job Info Why First Advantage Apply What Youll Do We are seeking a highly experienced Principal, Application Security Engineer to lead and evolve our global application security strategy. This role is critical to ensuring our products and platforms are built securely from the ground up and resilient to an evolving threat landscape. You will partner with engineering, product, DevOps, and Security teams to embed security into our SDLC, drive secure coding practices, and influence stakeholders and leaders across the organization. Responsibilities: Develop application security strategies across the global enterprise. Design and implement secure applications and consistently enhance the software development life cycle (SDLC) process. Conduct thorough security assessments, including static and dynamic application security testing (SAST/DAST), threat modeling, web/mobile application and API penetration testing, and application architecture design reviews. Partner with teams such as security operations, DevOps, development, networking, IT, and product teams to remediate issues and ensure a strong security posture. Contribute to the development and automation of security testing tools and processes. Manage third party penetration testing services. Deliver threat modeling training to development teams to consistently enhance product security and reduce risk. Assist with incident response (IR) activities that may relate to application security. What You May Need to be Successful: 7+ years of experience with some combination of application security engineering, threat modeling, penetration testing, web application/API development (.NET/C#, Java, JavaScript), system administration, networking, and information security. Proficiency with web application/API testing, static code analysis, and web application vulnerability scanners. Relevant industry certifications from organizations such as OffSec, SANS, or isc2. Previous technical security engineering role that involved mentorship or training. Effective communication skills and experience with presenting to a technical audience and executive leadership. Work Location: Mumbai/Bangalore (remote) Joining time needed: not exceeding 30 days

Job Description Key Responsibilities, Deliverables / Outcomes: Project Leadership: Lead and manage large, complex penetration testing and security testing engagements end-to-end. Act as the primary technical and engagement lead for key client accounts. Ensure timely delivery, quality assurance, and stakeholder communication throughout project lifecycles. Provide mentorship and guidance to junior and mid-level consultants. Technical Execution: Perform and review web, mobile, API, network, cloud, and configuration security assessments. Maintain technical excellence across multiple service lines, staying updated on the latest vulnerabilities, tools, and attack techniques. Conduct business logic reviews, threat modeling, and red teaming exercises as needed. Client Engagement: Act as a trusted advisor to clients, providing strategic security recommendations and actionable insights. Be ready for onsite visits, workshops, and executive-level presentations when required. Handle sensitive engagements with professionalism and discretion. Presales Support: Support RFP responses, proposal writing, and technical solutioning. Participate in client sales meetings and scoping discussions. Provide accurate effort estimations and help define delivery models. Practice Development: Contribute to the development and refinement of security testing services and methodologies. Drive internal initiatives to improve quality, efficiency, and innovation in service delivery. Create technical content, whitepapers, or knowledge base articles to support team growth. Key Skills 3 5 years of hands-on experience in penetration testing or offensive security. Proven track record of leading complex security assessments with large clients. Expertise in Web, Mobile, Network, API, Cloud, Configuration Reviews, and/or Red Teaming. Familiarity with security standards such as OWASP, PTES, NIST, and MITRE ATT&CK. Strong communication and client-facing skills. Experience supporting presales efforts, including proposals, SOWs, and client discussions. Certifications such as OSCP, OSWA, CRTO, CREST CRT/CCT, or similar are preferred. Key Competencies 1. Accountability 2. Communications - Oral & Written 3. Analysis Skills 4. Passion 5. Adaptability

Position Summary: Design, install, manage, and implement business plans, policies and procedures to maintain systems, network, database and/or Web security; develop, implement, and maintain information security, including access management, vulnerability assessments, penetration testing, infrastructure, and regulatory compliance; responsible for reporting, investigation, and resolution of data security incidents; analyze business needs and oversee security architecture, administration, and policy planning to lessen possibility of security breach; recommend enhancements to plug potential security gaps. Prevent IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to an organizations information systems and IT assets and intellectual property including: Designing, testing, and implementing secure operating systems, networks, and databases; Password auditing, network based and Web application based vulnerability scanning, virus management, and intrusion detection; Conducting risk audits and assessments, providing recommendations for application design. Monitoring and analyzing system access logs; Planning for security backup. Provide guidance and direction on best practices for the protection of information; ensure compliance with regulations and privacy laws. May oversee internal or external systems security (e.g., cloud services). What you bring to the role: Entry-level position typically requiring little to no prior experience. Work is routine or follows standard procedures. Work is closely supervised. Problems faced are routine with clearly defined solutions. Communicates information that requires little explanation or interpretation. Possesses moderate understanding of general aspects of job. Works on assignments that are routine in nature, requiring limited judgment. Has little or no role in decision-making. Works under close direction of senior personnel in the functional area. Normally receives detailed instructions on all work. High School Diploma or equivalent. 0-1 year general experience. 1 year functional experience strongly desired. Acquires job skills and learns company policies and procedures to complete routine tasks.