670 Qualys Jobs - Page 10

JD for Cyber security: a. Scripting experience b. Must have worked on security products like firewall, AV, Patch, VAPT, Qualys etc. c. Java, Python, firewell, scripting coding, power Shell scripting . d. Certification like basic MS, Linux or CCNA types ensuring basic should be clear. e. Experience of at least 5+ years f. Programming background with security inclination will also better Key skills- Expertise in cloud security testing & validation Scripting experience like Python, PowerShell bash etc Team Management and Leadership Cybersecurity Expertise Vulnerability Assessment & remediation Penetration Testing IT Risk Management, Security Compliance & Governance. Exposure to the tools like Qualys, Nessus, Workspace one. Scripting and cyber security tools knowledge experience Must have worked on security products like firewall, Symantec AV, Patch, VAPT, Qualys, Cortex XDR etc. Java, Python,firewell, scripting coding, power Shell scripting. Remediation using Qualys, Creating and Deploying Scripts via Qualys, and other modules experience in Qualys tools.

Job Description of Lead Systems Administrator for Infinite Computer Solutions Title: Lead Systems Administrator (E4) Location: Bangalore Experience : 10 – 12 Years Job Description: Strong understanding and hands on Google Cloud Platform (GCP) services and administration including Compute Engine, Virtual Private Cloud, Cloud Storage, and other relevant services. Experience in managing and troubleshooting Windows Server environments, including Active Directory, IIS, DNS, DHCP , Windows server Upgrades, migration and other related technologies. Good experience with Print / File servers , FTP and SFTP Familiarity with Cloud management tools , cost optimization techniques, and security best practices. Experience with troubleshooting complex issues across application tiers, including web servers, application servers, and databases. Experience with scripting languages like PowerShell, Python and automation tools like Terraform or Ansible for infrastructure management. Familiarity with ITSM tools like ServiceNow for incident and change management. Experience with VMware / Hyper-V virtualization platform, including vCenter Server / Hyper-V Manager, vSAN, and other related technologies. Good knowledge and understanding on Backup (Rubrik, Commvault, etc.) and Storage Technologies. Strong knowledge of Windows Server Patch Management (WSUS / SCCM) and other OS hardening techniques. Vulnerability remediation – Have understanding on VAPT tools (Qualys, Rapid7 etc.) Experience in Installing, configuring, managing and updating antivirus software on Windows servers ( Microsoft Defender ) Familiar with monitoring tools like SolarWinds, Prometheus, Zabbix etc. Understanding of CI/CD pipelines and DevOps principles for application deployment and infrastructure management. Qualifications Bachelor's Degree Range of Year Experience-Min Year 10 Range of Year Experience-Max Year 12

Oreta is a leading technology services company that empowers business outcomes through advisory, delivery and managed services using network, cloud, security, and analytics. Our commitment to innovation and excellence has earned us numerous prestigious awards in the Australian technology sector, including recognition from ARN, Telstra, Deloitte and CRN. We maintain strategic partnerships with renowned industry leaders such as Microsoft, Telstra, Cisco, Sentinel One, Palo Alto Networks, VMware Premium, and Qualys, enabling us to deliver top-tier solutions and services. Role & responsibilities Delivery of projects related to O365, Teams calling, SharePoint, Microsoft Teams, Intune, Azure, Active Directory, endpoint security, email security and VDI Responding and resolving service tickets within the required SLAs for proactive and reactive support tickets Configuring/troubleshooting Microsoft Collaboration solutions, PCs and network equipment Troubleshooting and supporting Microsoft Collaboration solutions via our ticketing system, telephone, email, and in-person Monitoring and controlling usage and help identify efficiencies in process and solutions Upgrading devices/solutions to the latest patches and major releases Monitoring system performance and capacity, and providing periodic system status reports Performing timely escalations as per SLAs Providing inputs for creation of SOPs and process improvements Maintaining high customer satisfaction Working collaboratively with the Service Delivery and Support team, Investigating faults in customers' O365 environment and maximizing performance through ongoing monitoring and troubleshooting Updating network equipment to the latest firmware releases Reporting on service scope to key stakeholders Preferred candidate profile 3+ years experience working in some of the following areas: IT service desk experience PC deployment and build O365, Microsoft Teams, Intune, Azure, Active Directory, endpoint security, email security, VDI, IP Telephony, VPN O365 mailbox migrations, Sharepoint migrations M365- Windows 10 Exposure to Cisco, Meraki, Check Point and other vendors (desirable) Exposure to any Video conferencing equipment (desirable). Prior experience working in an ITIL environment Microsoft certified Associate: MD-100, MD-101, AZ-104, MS-700, MS-100 Prior experience with SCCM and Intune Perks and benefits Oreta takes pride in providing a service of excellence to our customers and looking after our employees who enable our business to succeed. The successful applicant will enjoy working in a collaborative environment in Chandigarh, India with a friendly and highly driven people (the Oreos), where ideas are always welcome and ongoing training and development is strongly encouraged. The renumeration will be negotiated and based on the relevant skills and experience of the successful applicant. If you are interested in a long-term career with potential to develop and grow with the business and are available to start immediately, then we look forward to hearing from you.

Job Title: Cyber Security Engineer / Analyst – Projects & Operations Department: Information Security / Cybersecurity Location: Gurgaon Experience Required: 1 to 3 Years Key Responsibility : We are looking for a dynamic and technically skilled Cyber Security Analyst to manage and support cybersecurity projects and operations. This dual-role position will focus on the implementation of cybersecurity initiatives (POC, tool comparisons, use case finalization, and deployment) while also being actively involved in day-to-day cybersecurity operations, focusing on endpoint security, WAF/API security, vulnerability management, and application security tools. Cyber Security Projects: Plan and execute Proof of Concept (POC) for new security tools and technologies. Conduct comparative analysis of cybersecurity solutions and prepare evaluation reports. Assist in the finalization of security use cases in collaboration with stakeholders across SOC, application, and infrastructure teams. Support deployment and configuration of cybersecurity tools and ensure seamless integration into existing environments. Maintain documentation, deployment guides, and handover knowledge to operations teams. Application Security: Run static/dynamic scans using AppScan, SonarQube, and manage findings. Collaborate with developers for remediation of code-level vulnerabilities. Cloud Security (Prisma Cloud): Monitor compliance and threat posture for cloud-native applications and services. Investigate alerts and coordinate responses with cloud and DevOps teams. Required Skills & Qualifications: Bachelor’s degree in Information Technology, Computer Science, or related field. 1–3 years of hands-on experience in cybersecurity projects and operations. Working knowledge of: CrowdStrike Falcon, Akamai WAF/API Protector, Qualys VMDR, Application Security Tools (AppScan, SonarQube), Cloud Security Platforms (Prisma Cloud). Understanding of cybersecurity concepts: threat detection, vulnerability management, risk mitigation, and secure coding practices. Good communication and documentation skills for reporting and collaboration. Preferred Certifications (Optional): CompTIA Security+, CEH, or equivalent CrowdStrike Certified Falcon Administrator Akamai Security Certifications Qualys Certified Specialist Basic cloud certifications (AWS/Azure/GCP) Interested candidates may send their CV deen.dayal@maxhealthcare.com Regards DDeen

Were Hiring | DevSecOps Engineer Location : Remote (India) Urgent Requirement Quick Closures Expected! Were on the lookout for a passionate and skilled DevSecOps Engineer / Security Analyst with 4+ years of experience for a leading publishing company. If you have expertise in cloud security, incident response, security automation, and scripting, this role is for you! Security Engineer/DevSecOps/ Experience : 4+ years Security Analyst (SOC) Security Automation for a Publishing Company Good Understanding of code security and web application security or systems like infra security Windows and Linux. Proven and Demonstrated passion for cyber security with at least 5+ Years of relevant experience. Good understanding of security operations, network security, threat intelligence, and incident response. SIEM configuration (particularly Qradar). Incident and alarm response procedures, engagement with operations teams to manage incidents. Experience/ Understanding of Cloud-based services (AWS), technologies, and providers (e.g., SaaS, IaaS, PaaS, etc.) Experience with writing queries, parsing, and correlating data. Technical understanding of PaloAlto, firewall, IDS/IPS, and Wildfire features The ability to perform analysis of log files from multiple devices and environments, and identify indicators of security threats. Strong understanding of parsing and analyzing web, system, and security logs Strong technical knowledge across a range of server and gateway platforms, including Linux/Unix/Windows/Mac Demonstrable knowledge of scripting/programming tools such as PowerShell, Python Understanding of VPN infrastructure, 2FA like Okta Deep understanding of network protocols and security: TCP/IP, UDP, DHCP, FTP, SFTP, SNMP, SMTP, SSH, SSL, VPN, RDP, HTTP, and HTTPS. Familiar with YARA, STIX, TAXII, and OpenIOC for any threat intelligence. Excellent verbal and written communication skills; ability to articulate technical knowledge to non-technical audiences; production of policy/standards/project documentation Knowledge of data leakage prevention tools DLP/CASB/Web security is an add on Having a certification background in any one of GCIH, GCIA, GPEN, OSCP or other relevant certifications within Cyber Security is highly advantageous. VM scanning Qualys is good to have. Experience in handling phishing attacks using Proofpoint, CLEAR, TRAP, and TAP. Experience in EDR solutions, simulating setups like kali-Linux. Experience in Web security CDN Cloudflare/Akamai/Cloudfront or any WAF. (ref:hirist.tech)

Role Overview We are seeking a Security Engineer with strong infrastructure experience to support remediation activities across UNIX and Windows environments. The ideal candidate will have hands-on experience in patch deployment, vulnerability remediation, and system upgrades. Key Responsibilities Perform server patching and upgrades across UNIX/Linux and Windows platforms. Remediate vulnerabilities identified through security scans and assessments. Respond to and mitigate Critical Zero Day vulnerabilities. Collaborate with infrastructure and application teams to ensure timely remediation. Maintain documentation of remediation activities and compliance status. Support audit and compliance requirements related to infrastructure security. Required Skills Strong understanding of server infrastructure (Windows, UNIX/Linux). Experience with patch management tools (e.g., WSUS, SCCM, Red Hat Satellite). Familiarity with vulnerability management tools (e.g., Qualys, Tenable). Basic scripting knowledge (PowerShell, Bash) for automation. Good communication and coordination skills. Preferred Qualifications Exposure to ITIL processes. Experience working in enterprise environments. Security certifications (e.g., CompTIA Security+, CISSP) are a plus.

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data's Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills and Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

OT Vulnerability Management Specialist Experience - 7-13 Years Job location - Mumbai Quick joiners are preferred Perform vulnerability scans and assessments within OT environments, aligning with safety regulations and operational restrictions. Drive patch advisory tracking, remediation planning, and compliance reporting. • Experience with passive scanning in ICS networks • Risk scoring with CVSS, EPSS, and prioritization frameworks • Patch impact analysis and phased deployment planning • Reporting aligned with IEC 62443 risk models • Skilled in tools such as Tenable OT, Rapid7, Qualys, TXOne Element. • Maps CVEs to OT asset impact based on function and criticality. • Recommends compensating controls for non-patchable systems. • Reports vulnerability trends, backlog status, and mitigation priorities.

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Responsibilities As a member of the incident/Workorder/Change handling team , you will have the following accountabilities: Will be working as an SME for Zscaler Support in Operations for ZIA, ZPA and ZDX. Assess and orchestrate the current and planned security posture for NTT data’s Security infrastructure, providing recommendations for improvement and risk reduction. Identify and propose process improvements and identify opportunities for new processes and procedures to reduce risk. Support security incident response as required; First line responder to reported or detected incidents. Perform security research, analysis, security vulnerability assessments and penetration tests. Provide security audit and investigation support Monitor and track security systems for Vulnerability and respond to potential security Vulnerability. Provide support for the Vulnerability management program. Provide 24x7 support as operations team working in shifts. Participate in on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business. Skills And Experience 4 to 5 years+ in Information Security space. Strong experiance in Service Now Ticketing tool, Dashboards and Integration. Strong experience with Zscaler ZIA, ZPA and ZDX. Strong experience with Vulnerability Management Program. Strong experience with Qualys Vulnerability Management Tool. Some good to have Experience with Crowdstrike EDR and SIEM. Strong experience with multiple network operating systems, including two or more of the following: Cisco iOS, Juniper ScreenOS or Junos, Fortinet FortiOS, CheckPoint GAiA, or Palo Alto Networks PAN-OS; Tanium, Rapid 7, Nessus, Nitro ESM, Symantec SEP, Symantec Message labs, Thales encryption, Allgress, Forecpoint, Blue coat, Firepower, Cisco ISE, Carbon Black, Titus, Encase Strong oral, written, and presentation abilities. Experiance with M365 Copilot. Some experience with Unix/Linux system administration. Strong experience with logging and alerting platforms, including SIEM integration. Current understanding of Industry trends and emerging threats; and Working Knowledge of incident response methodologies and technologies. Desirable Zscaler Certifications Associate and Professional for ZIA, ZPA and ZDX. Excellent Experiance in Zscaler ZIA, ZPA and ZDX. Experiance in Vulnerability Management Program. Experiance in Qualys Vulnerability Management Tool. Well-rounded background in network, host, database, and application security. Experience implementing security controls in a bi-modal IT environment. Experience driving a culture of security awareness. Experience administering network devices, databases, and/or web application servers. Professional IT Accreditations (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CompTIA Security) Good to have. Abilities Non customer facing role but an ability to build strong relationships with internal teams, and security leadership, is essential act as Incident co-ordinator, for reviewing all security tools, ingesting incident data, tracking incident status, coordinating with internal and external assets to fulfill information requirements, and initiating escalation procedures. Document daily work and new processes. Embrace a culture of continuous service improvement and service excellence. Stay up to date on security industry trends.

Must-Have Excellent working knowledge on Patching tools (SCCM, QUALYS) Excellent working knowledge for Active Directory Excellent working knowledge of O365. Excellent working knowledge of License management and MDM management. Excellent working knowledge of VMware environment. 6 Excellent working knowledge of Backup and storage process 7 Excellent written and oral English communication skills. 8. Strong interpersonal skills to collaborate effectively with cross-functional teams. 9. Customer Oriented and Problem-Solving attitude 10. Ability to organize and prioritize diverse workload under pressure. Good-to-Have 1. Knowledge of Qualys and SCCM 2. Knowledge of Commvault and Pure Storage Exp Range: 8 TO 12 Location: Chennai Interview Type: Weekday Virtual Drive Date: 11-Jun-2025 Day: Friday

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments. Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits). Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK. Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques. Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities. Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture. Actively participating in client discussions, executive briefings, and technical workshops. Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps. Maintaining robust documentation of testing methodologies, custom tools, and process improvements. Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards. Training and Development Stay updated on the latest security trends, vulnerabilities, and technology advancements. Provide training and guidance to the team and other departments on security best practices. Strategy and Planning Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness. Participate in the development of security policies and standards. Technical Expertise Deep hands-on experience in: Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API) Internal/external network penetration, privilege escalation, and lateral movement Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.) Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing Working knowledge of Kali Linux and frameworks like MITRE ATT&CK Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems Proficiency with tools such as: Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools Vulnerability Scanners: Nessus, Qualys, Nexpose Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go Soft Skills Excellent written and verbal communication skills Strong analytical and problem-solving capabilities Ability to explain technical concepts clearly to non-technical stakeholders You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 6–7 years of proven experience in penetration testing and offensive security Certifications (Preferred): Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE Other Considered: EWPTXv2 or equivalent advanced offensive security certifications We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers

Desired Competencies (Technical/Behavioral Competency) Location - Gurgaon Exp Range - 6-10 Must-Have Excellent working knowledge on Patching tools (SCCM, QUALYS) Excellent working knowledge for Active Directory Excellent working knowledge of O365. Excellent working knowledge of License management and MDM management. Excellent working knowledge of VMware environment. 6 Excellent working knowledge of Backup and storage process 7 Excellent written and oral English communication skills. 8. Strong interpersonal skills to collaborate effectively with cross-functional teams. 9. Customer Oriented and Problem-Solving attitude 10. Ability to organize and prioritize diverse workload under pressure. Good-to-Have 1. Knowledge of Qualys and SCCM 2. Knowledge of Commvault and Pure Storage SN Role descriptions / Expectations from the Role Server Patching: Manage and execute endpoint patching processes to ensure all devices are up-to-date and secure (Servers (On-Prem and Azure) O365 Administrator: Oversee O365 environment, including user management, license allocation, and troubleshooting Active Directory : Administer and maintain AD, including user account management, group policies, and security settings. L2 Troubleshooting: Provide advanced support for server-related issues, including diagnosing and resolving hardware and software problems. Server Monitoring: Monitor endpoint performance and health, ensuring optimal operation and quick resolution of any issues(CPU, Memory Utilization) Backup and Recovery: Implement and manage backup solutions, ensuring data integrity and availability. Documentation: Maintain accurate documentation of system configurations, procedures, and troubleshooting steps. Collaboration: Work closely with other IT team members to support overall IT infrastructure and projects.

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments. Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits). Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK. Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques. Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities. Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture. Actively participating in client discussions, executive briefings, and technical workshops. Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps. Maintaining robust documentation of testing methodologies, custom tools, and process improvements. Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards. Training and Development Stay updated on the latest security trends, vulnerabilities, and technology advancements. Provide training and guidance to the team and other departments on security best practices. Strategy and Planning Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness. Participate in the development of security policies and standards. Technical Expertise Deep hands-on experience in: Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API) Internal/external network penetration, privilege escalation, and lateral movement Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.) Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing Working knowledge of Kali Linux and frameworks like MITRE ATT&CK Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems Proficiency with tools such as: Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools Vulnerability Scanners: Nessus, Qualys, Nexpose Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go Soft Skills Excellent written and verbal communication skills Strong analytical and problem-solving capabilities Ability to explain technical concepts clearly to non-technical stakeholders You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 6–7 years of proven experience in penetration testing and offensive security Certifications (Preferred): Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE Other Considered: EWPTXv2 or equivalent advanced offensive security certifications We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers

Job Description of Senior Systems Administrator for Infinite Computer Solutions Title: Senior Systems Administrator (E3) Location: Bangalore Experience: 6 – 10 Years Job Description: Strong understanding and hands on Google Cloud Platform (GCP) services and administration including Compute Engine, Virtual Private Cloud, Cloud Storage, and other relevant services. Experience in managing and troubleshooting Windows Server environments, including Active Directory, IIS, DNS, DHCP , Windows server Upgrades, migration and other related technologies. Good experience with Print / File servers , FTP and SFTP Familiarity with Cloud management tools , cost optimization techniques, and security best practices. Experience with troubleshooting complex issues across application tiers, including web servers, application servers, and databases. Experience with scripting languages like PowerShell, Python and automation tools like Terraform or Ansible for infrastructure management. Familiarity with ITSM tools like ServiceNow for incident and change management. Experience with VMware / Hyper-V virtualization platform, including vCenter Server / Hyper-V Manager, vSAN, and other related technologies. Good knowledge and understanding on Backup (Rubrik, Commvault, etc.) and Storage Technologies. Strong knowledge of Windows Server Patch Management (WSUS / SCCM) and other OS hardening techniques. Vulnerability remediation – Have understanding on VAPT tools (Qualys, Rapid7 etc.) Experience in Installing, configuring, managing and updating antivirus software on Windows servers ( Microsoft Defender ) Familiar with monitoring tools like SolarWinds, Prometheus, Zabbix etc. Understanding of CI/CD pipelines and DevOps principles for application deployment and infrastructure management. Qualifications Bachelor's Degree Range of Year Experience-Min Year 6 Range of Year Experience-Max Year 10

Job Description of Lead Systems Administrator for Infinite Computer Solutions Title: Lead Systems Administrator (E4) Location: Bangalore Experience: 10 – 12 Years Job Description: Strong understanding and hands on Google Cloud Platform (GCP) services and administration including Compute Engine, Virtual Private Cloud, Cloud Storage, and other relevant services. Experience in managing and troubleshooting Windows Server environments, including Active Directory, IIS, DNS, DHCP , Windows server Upgrades, migration and other related technologies. Good experience with Print / File servers , FTP and SFTP Familiarity with Cloud management tools , cost optimization techniques, and security best practices. Experience with troubleshooting complex issues across application tiers, including web servers, application servers, and databases. Experience with scripting languages like PowerShell, Python and automation tools like Terraform or Ansible for infrastructure management. Familiarity with ITSM tools like ServiceNow for incident and change management. Experience with VMware / Hyper-V virtualization platform, including vCenter Server / Hyper-V Manager, vSAN, and other related technologies. Good knowledge and understanding on Backup (Rubrik, Commvault, etc.) and Storage Technologies. Strong knowledge of Windows Server Patch Management (WSUS / SCCM) and other OS hardening techniques. Vulnerability remediation – Have understanding on VAPT tools (Qualys, Rapid7 etc.) Experience in Installing, configuring, managing and updating antivirus software on Windows servers ( Microsoft Defender ) Familiar with monitoring tools like SolarWinds, Prometheus, Zabbix etc. Understanding of CI/CD pipelines and DevOps principles for application deployment and infrastructure management. Qualifications Bachelor's Degree Range of Year Experience-Min Year 10 Range of Year Experience-Max Year 12

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! The Site Reliability Engineer - Incident Management, has the responsibility of monitoring, maintaining and managing entire Qualys infrastructure and services installed at different data-centers. When there is any malfunction in Product/Services, the Site Reliability Engineer- Incident Management technician Monitor, troubleshoots, repairs and gets the Service/system back up as quickly as possible. Ensure maximum possible service availability and performance, provide support services for Engineering and other technical teams and to collaborate for quicker resolution. End to end Incident management, Documentations and task Automation are also part of responsibility. Responsibilities: Monitor the performance and capacity of computer systems using a variety of tools. When an issue is identified, Site Reliability Engineer- Incident Management works to determine the cause of the problem. Responsible for basic troubleshooting platform/product issues to isolate the problems and take appropriate action to resolve. Check performance with Splunk/Grafana/Kibana. Manage PagerDuty. Also help in task automation wherever possible/applicable. Ensure creation and timely resolution to incident tickets tracking and resolution of the incident. When a problem impacts Product (SaaS) or Any (IT) services, Site Reliability Engineer- Incident Management works to triage or troubleshoot the problem, Site Reliability Engineer- Incident Management must carefully track and document all issues and resolutions in detail on the ticketing tool / documentation tools. This increases the knowledge base of the Site Reliability Engineer- Incident Management and is a record of the health of the system. When problems are too large or complex for quick troubleshooting, Site Reliability Engineer- Incident Management must escalate the issue to management, other IT resources or 3rd party vendors for assistance in reaching a resolution. Site Reliability Engineer- Incident Management maintain ongoing communication within the team and externally, to keep all stakeholders aware of relevant info, known issues and the steps being taken in summary format. Site Reliability Engineer- Incident Management team will operate 24*7*365 days. Monthly shift rotation basis (*depend on requirement). Required Skills One to Two years IT Operations (Infra/System admin/Linux) or equivalent experience/certification (Fresher can apply). Knowledge or familiarity of Monitoring and other integration tools like Splunk, Prometheus, Grafana, Kibana, PagerDuty, Runscope (good to have any of the knowledge) and Jira /ServiceNow tool for Incident Management. Good experience (or familiarity) with ITSM main functions and usage of tools. Very good understanding of Incident Management (IM) processes and ability to drive Incident process (IM ticket). Strong interpersonal skills and have the ability to interact with all levels of employees in a professional manner. Certifications is highly recommended with a strong knowledge of computer functionality. Any technical certification on Linux, System Admin, VMware, IT Security or certification in the area of ITSM/ ITIL will be an added advantage. Knowledge of DevOps/SRE (basics) , Python, Cloud will be also good to have

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! We are seeking a talented Lead QA Automation Engineer to deliver roadmap features of Enterprise TruRisk Platform which would help customers to Measure, Communicate and Eliminate Cyber Risks. The Lead QA Automaton Engineer will design, implement, document, and maintain testing frameworks. You will be responsible for the quality of core product capabilities using micro-services and Big Data based components. This is a fantastic opportunity to be an integral part of a team building Qualys next generation platform using Big Data & Micro-Services based technology to process over billions of transactions data per day, leverage open-source technologies, and work on challenging and business-impacting initiatives. Responsibilities: Testing big data ingestion and aggregation flows using spark shell and related queries. Developing automation framework using programming languages such as python and automate the big data workflows such as ingestion, aggregation, ETL processing etc. Debugging and troubleshooting issues within the big data ecosystem. Set up the Big data platform and Hadoop ecosystem for testing. Define test strategy and write test plan for the data platform enhancements and new features/services built on it. Define the operating procedures, service monitors and alerts and work with the NOC team to get them implemented. Responsible for system & performance testing of the data platform and applications Solve problems, establish plans, and provide technical consultation in the design, development, and test effort of complex engineering projects. Review product specifications and write test cases, develop test plans for assigned areas. Identifies issues and technical interdependencies and suggest possible solutions. Do end to end workflow automation using a framework. Contribute in Test Automation Development/Enhancement. Recreate complex customer and production reported issues to determine root cause and verify the fix. Requirements: 8-10 years of experience in the full-time testing role and at least 4-6 years in hands-on automation role as lead. Hands on experience in automating backend applications (e.g., database, REST API's). Hands on experience with automating any backend applications (e.g., database, server side). Knowledge of relational databases and SQL. Good debugging skills. Working experience working in Linux/Unix environment. Good understanding of testing methodologies. Good to have hands on experience in working on Big Data technologies like Hadoop, Spark, Kafa, Elastic. Experience in Security domain is an advantage.

34914BR Bangalore Job Description Job Description of Lead Systems Administrator for Infinite Computer Solutions Title: Lead Systems Administrator (E4) Location: Bangalore Experience: 10 – 12 Years Job Description Strong understanding and hands on Google Cloud Platform (GCP) services and administration including Compute Engine, Virtual Private Cloud, Cloud Storage, and other relevant services. Experience in managing and troubleshooting Windows Server environments, including Active Directory, IIS, DNS, DHCP, Windows server Upgrades, migration and other related technologies. Good experience with Print / File servers, FTP and SFTP Familiarity with Cloud management tools, cost optimization techniques, and security best practices. Experience with troubleshooting complex issues across application tiers, including web servers, application servers, and databases. Experience with scripting languages like PowerShell, Python and automation tools like Terraform or Ansible for infrastructure management. Familiarity with ITSM tools like ServiceNow for incident and change management. Experience with VMware / Hyper-V virtualization platform, including vCenter Server / Hyper-V Manager, vSAN, and other related technologies. Good knowledge and understanding on Backup (Rubrik, Commvault, etc.) and Storage Technologies. Strong knowledge of Windows Server Patch Management (WSUS / SCCM) and other OS hardening techniques. Vulnerability remediation – Have understanding on VAPT tools (Qualys, Rapid7 etc.) Experience in Installing, configuring, managing and updating antivirus software on Windows servers (Microsoft Defender) Familiar with monitoring tools like SolarWinds, Prometheus, Zabbix etc. Understanding of CI/CD pipelines and DevOps principles for application deployment and infrastructure management. Qualifications Bachelor's Degree Range of Year Experience-Min Year 10 Range of Year Experience-Max Year 12

Summary Position Summary Red Team — Senior Consultant 1 - Solution Delivery Lead Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do Manages Cyber Threat Management projects, guides the team on a day-to-day basis and ensures that assigned tasks and responsibilities are fulfilled in a timely fashion Demonstrates understanding of complex business and information technology management processes (move it additional skills - if they don’t have this at LSA level, it will be difficult to build and sustain them in the firm) Interacts with clients, managers and partners to build and nurture strong relationships (required with managers at a minimum and clients if they are interacting directly or if deployed on client site ) Assists in implementing standard operating procedures Adheres to Service Level Agreements Identified opportunities for service optimization Tailors firm tools and methodologies as per client requirements Evaluates, counsels, mentors and provides feedback on performance of others Manages day-to-day client relationships at appropriate management levels Participates in proposal development efforts to sell quot;add-on quot; work to clients Identifies opportunities to improve engagement economics Lead practice development initiatives The Team Deloitte’s Red Team is a standardized process, to help clients combat today’s growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and controlweaknesses.Wedevelopanddeploythetechnicalandarchitecturalimprovementsnecessarytoreduceattack exposure OurApplicationandVulnerabilityManagementserviceshelporganizationsidentifythetechnicalandarchitectural improvements needed to minimize exposure to attacks. With our customized methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Required: - Core Skills: Strong written and verbal communication skills with experience writing comprehensive technical reports and delivering engagement debriefs. Ability to analyze complex attack paths and provide both tactical and strategic remediation recommendations to enhance security. Knowledge and experience in project management, managing complex red team engagements from planning to execution. In-depth understanding of threat analysis, enterprise-level defense mechanisms, and mitigation strategies. Hands-on experience in bypassing security mechanisms such as firewalls, EDR, IDS/IPS, and SIEM solutions (e.g., Splunk, QRadar, ArcSight). Understanding of cyber kill chains and how adversaries can execute multi-stage attacks using open-source tools. Experience in reverse engineering binaries or malware to understand functionality and identify weaknesses. Strong knowledge of cloud penetration testing (AWS, Azure, GCP) and how to conduct adversarial simulation against cloud infrastructures. Strong knowledge of operating systems (Windows/Linux) and networking technologies used in red team operations. Advanced knowledge in Red Teaming, Offensive Security, Adversarial Simulation, and Penetration Testing across various network and application environments. Expertise in reconnaissance, exploitation, lateral movement, and persistence techniques used in red team engagements. In-depth understanding of business and information technology processes, with a focus on bridging the gap between offensive operations and business risks. Deep knowledge of commonly used attack protocols such as TCP/IP, DNS, HTTP/S, and their exploitation. Hands-on experience in conducting social engineering and phishing campaigns, as well as advanced attack scenarios (HTML smuggling, payload delivery, etc.). Strong knowledge of the SANS Top 25 and MITRE ATT&CK framework, and how these apply to real-world adversarial techniques. Hands-on experience in architecting, deploying, and managing Red Team/Offensive Security technology solutions (such as Cobalt Strike, Metasploit, Sliver, Nessus, nmap, Qualys, Tenable). Deep understanding of EDR/AV evasion techniques and OpSec considerations during adversarial engagements. Assist clients by conducting sophisticated adversarial simulations, mimicking the tools, tactics, and procedures of real-world threat actors. Plan and execute complex red team engagements, including phishing, social engineering, network exploitation, and covert lateral movement. Analyze, enrich, and prioritize attack vectors, leveraging real-time threat feeds and tools to enhance the adversarial simulation. Develop detailed engagement reports, providing both actionable remediation steps and strategic recommendations to improve the client's defense. Assist in maintaining red team infrastructure, including command and control (C2) systems, attack vectors, and exploit tools. Engage with leadership and stakeholders to review findings and guide them through the recommendations for improving their security posture. Stay ahead of emerging attack trends and evolve red team tactics accordingly, ensuring OpSec compliance at all times. Collaborate with blue team counterparts during purple team engagements to improve detection and response capabilities. Mandatory Certifications - OSCP, OSWP, GPEN, OSCE, CRTO, GXPN, CREST Certified Simulated Attack Specialist Preferred Certifications - OSCE3, OSWE, OSEP, OSED, CREST Certified Simulated Attack Specialist, SABSA, AWS Security Specialist Preferred: B. E / B.Tech / M.S in any engineering discipline; 5-7 years of cyber risk services experience. Proven ability to emulate sophisticated adversary tactics, techniques, and procedures (TTPs) to identify and exploit weaknesses in organizational defenses. Familiarity with red teaming methodologies, offensive security tools, and frameworks such as MITRE ATT&CK. Experience with tools like Cobalt Strike, Metasploit, and Empire for command and control, exploitation, and lateral movement within environments. Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom tool creation. Knowledge of evasion techniques to bypass antivirus (AV), endpoint detection and response (EDR), and network monitoring tools. Strong understanding of privilege escalation, lateral movement, and persistence mechanisms in both Windows and Linux environments. Hands-on experience conducting phishing campaigns, social engineering attacks, and delivering payloads via HTML smuggling or other covert techniques. Ability to assess and manipulate Active Directory configurations, conduct password spraying, and exploit common misconfigurations. Strong knowledge of reverse engineering tools such as IDA Pro and Ghidra for analyzing malware or binaries. Excellent ability to create detailed post-engagement reports and recommendations for improving detection and response capabilities. Knowledge of operational security (OpSec) best practices to avoid detection during adversarial engagements. Ability to think creatively in developing offensive strategies and adapting to blue team defenses. Strong desire to continuously learn emerging attack vectors and defensive countermeasures. Outstanding communication skills, with the ability to explain offensive security techniques to both technical and non-technical stakeholders. Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin their own way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning,and eLearning.Deloitte University(DU):The LeadershipCenter in India,our state-of-the-art, world-class learning centerin the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best workeveryday. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandarecontinuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesourdiversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300440

Summary Position Summary Red Team — Senior Consultant 1 - Solution Delivery Lead Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do Manages Cyber Threat Management projects, guides the team on a day-to-day basis and ensures that assigned tasks and responsibilities are fulfilled in a timely fashion Demonstrates understanding of complex business and information technology management processes (move it additional skills - if they don’t have this at LSA level, it will be difficult to build and sustain them in the firm) Interacts with clients, managers and partners to build and nurture strong relationships (required with managers at a minimum and clients if they are interacting directly or if deployed on client site ) Assists in implementing standard operating procedures Adheres to Service Level Agreements Identified opportunities for service optimization Tailors firm tools and methodologies as per client requirements Evaluates, counsels, mentors and provides feedback on performance of others Manages day-to-day client relationships at appropriate management levels Participates in proposal development efforts to sell quot;add-on quot; work to clients Identifies opportunities to improve engagement economics Lead practice development initiatives The Team Deloitte’s Red Team is a standardized process, to help clients combat today’s growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and controlweaknesses.Wedevelopanddeploythetechnicalandarchitecturalimprovementsnecessarytoreduceattack exposure OurApplicationandVulnerabilityManagementserviceshelporganizationsidentifythetechnicalandarchitectural improvements needed to minimize exposure to attacks. With our customized methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Required: - Core Skills: Strong written and verbal communication skills with experience writing comprehensive technical reports and delivering engagement debriefs. Ability to analyze complex attack paths and provide both tactical and strategic remediation recommendations to enhance security. Knowledge and experience in project management, managing complex red team engagements from planning to execution. In-depth understanding of threat analysis, enterprise-level defense mechanisms, and mitigation strategies. Hands-on experience in bypassing security mechanisms such as firewalls, EDR, IDS/IPS, and SIEM solutions (e.g., Splunk, QRadar, ArcSight). Understanding of cyber kill chains and how adversaries can execute multi-stage attacks using open-source tools. Experience in reverse engineering binaries or malware to understand functionality and identify weaknesses. Strong knowledge of cloud penetration testing (AWS, Azure, GCP) and how to conduct adversarial simulation against cloud infrastructures. Strong knowledge of operating systems (Windows/Linux) and networking technologies used in red team operations. Advanced knowledge in Red Teaming, Offensive Security, Adversarial Simulation, and Penetration Testing across various network and application environments. Expertise in reconnaissance, exploitation, lateral movement, and persistence techniques used in red team engagements. In-depth understanding of business and information technology processes, with a focus on bridging the gap between offensive operations and business risks. Deep knowledge of commonly used attack protocols such as TCP/IP, DNS, HTTP/S, and their exploitation. Hands-on experience in conducting social engineering and phishing campaigns, as well as advanced attack scenarios (HTML smuggling, payload delivery, etc.). Strong knowledge of the SANS Top 25 and MITRE ATT&CK framework, and how these apply to real-world adversarial techniques. Hands-on experience in architecting, deploying, and managing Red Team/Offensive Security technology solutions (such as Cobalt Strike, Metasploit, Sliver, Nessus, nmap, Qualys, Tenable). Deep understanding of EDR/AV evasion techniques and OpSec considerations during adversarial engagements. Assist clients by conducting sophisticated adversarial simulations, mimicking the tools, tactics, and procedures of real-world threat actors. Plan and execute complex red team engagements, including phishing, social engineering, network exploitation, and covert lateral movement. Analyze, enrich, and prioritize attack vectors, leveraging real-time threat feeds and tools to enhance the adversarial simulation. Develop detailed engagement reports, providing both actionable remediation steps and strategic recommendations to improve the client's defense. Assist in maintaining red team infrastructure, including command and control (C2) systems, attack vectors, and exploit tools. Engage with leadership and stakeholders to review findings and guide them through the recommendations for improving their security posture. Stay ahead of emerging attack trends and evolve red team tactics accordingly, ensuring OpSec compliance at all times. Collaborate with blue team counterparts during purple team engagements to improve detection and response capabilities. Mandatory Certifications - OSCP, OSWP, GPEN, OSCE, CRTO, GXPN, CREST Certified Simulated Attack Specialist Preferred Certifications - OSCE3, OSWE, OSEP, OSED, CREST Certified Simulated Attack Specialist, SABSA, AWS Security Specialist Preferred: B. E / B.Tech / M.S in any engineering discipline; 5-7 years of cyber risk services experience. Proven ability to emulate sophisticated adversary tactics, techniques, and procedures (TTPs) to identify and exploit weaknesses in organizational defenses. Familiarity with red teaming methodologies, offensive security tools, and frameworks such as MITRE ATT&CK. Experience with tools like Cobalt Strike, Metasploit, and Empire for command and control, exploitation, and lateral movement within environments. Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom tool creation. Knowledge of evasion techniques to bypass antivirus (AV), endpoint detection and response (EDR), and network monitoring tools. Strong understanding of privilege escalation, lateral movement, and persistence mechanisms in both Windows and Linux environments. Hands-on experience conducting phishing campaigns, social engineering attacks, and delivering payloads via HTML smuggling or other covert techniques. Ability to assess and manipulate Active Directory configurations, conduct password spraying, and exploit common misconfigurations. Strong knowledge of reverse engineering tools such as IDA Pro and Ghidra for analyzing malware or binaries. Excellent ability to create detailed post-engagement reports and recommendations for improving detection and response capabilities. Knowledge of operational security (OpSec) best practices to avoid detection during adversarial engagements. Ability to think creatively in developing offensive strategies and adapting to blue team defenses. Strong desire to continuously learn emerging attack vectors and defensive countermeasures. Outstanding communication skills, with the ability to explain offensive security techniques to both technical and non-technical stakeholders. Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin their own way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning,and eLearning.Deloitte University(DU):The LeadershipCenter in India,our state-of-the-art, world-class learning centerin the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best workeveryday. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandarecontinuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesourdiversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300440

Summary Position Summary Red Team — Senior Consultant 1 - Solution Delivery Lead Deloitte’s CyberRiskServices helpourclientstobesecure,vigilant,andresilientinthefaceofanever-increasing array of cyber threats and vulnerabilities. Our Cyber Risk practice helps organizations with the management of information and technology risks by delivering end-to-end solutions using proven methodologies and tools in a consistent manner.Ourserviceshelporganizationsto address,in atimelymanner,pervasiveissues,suchasidentity theft, data security breaches, data leakage, cyber security, and system outages across organizations of various sizes and industries with the goal of enabling ongoing, secure, and reliable operations across the enterprise. Deloitte’s Cyber Risk Services have been recognized as a leader by a number of independent analyst firms. Kennedy Consulting Research & Advisory, a leading analyst firm, recently named Deloitte a global leader in cyber security consulting. Source: Kennedy Consulting Research & Advisory; Cyber Security Consulting 2013; Kennedy Consulting Research & Advisory estimates © 2013 Kennedy Information, LLC. Reproduced under license. Workyouwill do Manages Cyber Threat Management projects, guides the team on a day-to-day basis and ensures that assigned tasks and responsibilities are fulfilled in a timely fashion Demonstrates understanding of complex business and information technology management processes (move it additional skills - if they don’t have this at LSA level, it will be difficult to build and sustain them in the firm) Interacts with clients, managers and partners to build and nurture strong relationships (required with managers at a minimum and clients if they are interacting directly or if deployed on client site ) Assists in implementing standard operating procedures Adheres to Service Level Agreements Identified opportunities for service optimization Tailors firm tools and methodologies as per client requirements Evaluates, counsels, mentors and provides feedback on performance of others Manages day-to-day client relationships at appropriate management levels Participates in proposal development efforts to sell quot;add-on quot; work to clients Identifies opportunities to improve engagement economics Lead practice development initiatives The Team Deloitte’s Red Team is a standardized process, to help clients combat today’s growing array of system threats. We help organizations assess their infrastructure, networks and application environments to identify vulnerabilities and controlweaknesses.Wedevelopanddeploythetechnicalandarchitecturalimprovementsnecessarytoreduceattack exposure OurApplicationandVulnerabilityManagementserviceshelporganizationsidentifythetechnicalandarchitectural improvements needed to minimize exposure to attacks. With our customized methodology, we assess the many aspects of risk to support identification of both internal and external facing threats. Required: - Core Skills: Strong written and verbal communication skills with experience writing comprehensive technical reports and delivering engagement debriefs. Ability to analyze complex attack paths and provide both tactical and strategic remediation recommendations to enhance security. Knowledge and experience in project management, managing complex red team engagements from planning to execution. In-depth understanding of threat analysis, enterprise-level defense mechanisms, and mitigation strategies. Hands-on experience in bypassing security mechanisms such as firewalls, EDR, IDS/IPS, and SIEM solutions (e.g., Splunk, QRadar, ArcSight). Understanding of cyber kill chains and how adversaries can execute multi-stage attacks using open-source tools. Experience in reverse engineering binaries or malware to understand functionality and identify weaknesses. Strong knowledge of cloud penetration testing (AWS, Azure, GCP) and how to conduct adversarial simulation against cloud infrastructures. Strong knowledge of operating systems (Windows/Linux) and networking technologies used in red team operations. Advanced knowledge in Red Teaming, Offensive Security, Adversarial Simulation, and Penetration Testing across various network and application environments. Expertise in reconnaissance, exploitation, lateral movement, and persistence techniques used in red team engagements. In-depth understanding of business and information technology processes, with a focus on bridging the gap between offensive operations and business risks. Deep knowledge of commonly used attack protocols such as TCP/IP, DNS, HTTP/S, and their exploitation. Hands-on experience in conducting social engineering and phishing campaigns, as well as advanced attack scenarios (HTML smuggling, payload delivery, etc.). Strong knowledge of the SANS Top 25 and MITRE ATT&CK framework, and how these apply to real-world adversarial techniques. Hands-on experience in architecting, deploying, and managing Red Team/Offensive Security technology solutions (such as Cobalt Strike, Metasploit, Sliver, Nessus, nmap, Qualys, Tenable). Deep understanding of EDR/AV evasion techniques and OpSec considerations during adversarial engagements. Assist clients by conducting sophisticated adversarial simulations, mimicking the tools, tactics, and procedures of real-world threat actors. Plan and execute complex red team engagements, including phishing, social engineering, network exploitation, and covert lateral movement. Analyze, enrich, and prioritize attack vectors, leveraging real-time threat feeds and tools to enhance the adversarial simulation. Develop detailed engagement reports, providing both actionable remediation steps and strategic recommendations to improve the client's defense. Assist in maintaining red team infrastructure, including command and control (C2) systems, attack vectors, and exploit tools. Engage with leadership and stakeholders to review findings and guide them through the recommendations for improving their security posture. Stay ahead of emerging attack trends and evolve red team tactics accordingly, ensuring OpSec compliance at all times. Collaborate with blue team counterparts during purple team engagements to improve detection and response capabilities. Mandatory Certifications - OSCP, OSWP, GPEN, OSCE, CRTO, GXPN, CREST Certified Simulated Attack Specialist Preferred Certifications - OSCE3, OSWE, OSEP, OSED, CREST Certified Simulated Attack Specialist, SABSA, AWS Security Specialist Preferred: B. E / B.Tech / M.S in any engineering discipline; 5-7 years of cyber risk services experience. Proven ability to emulate sophisticated adversary tactics, techniques, and procedures (TTPs) to identify and exploit weaknesses in organizational defenses. Familiarity with red teaming methodologies, offensive security tools, and frameworks such as MITRE ATT&CK. Experience with tools like Cobalt Strike, Metasploit, and Empire for command and control, exploitation, and lateral movement within environments. Proficiency in scripting languages like Python, PowerShell, or Bash for automation and custom tool creation. Knowledge of evasion techniques to bypass antivirus (AV), endpoint detection and response (EDR), and network monitoring tools. Strong understanding of privilege escalation, lateral movement, and persistence mechanisms in both Windows and Linux environments. Hands-on experience conducting phishing campaigns, social engineering attacks, and delivering payloads via HTML smuggling or other covert techniques. Ability to assess and manipulate Active Directory configurations, conduct password spraying, and exploit common misconfigurations. Strong knowledge of reverse engineering tools such as IDA Pro and Ghidra for analyzing malware or binaries. Excellent ability to create detailed post-engagement reports and recommendations for improving detection and response capabilities. Knowledge of operational security (OpSec) best practices to avoid detection during adversarial engagements. Ability to think creatively in developing offensive strategies and adapting to blue team defenses. Strong desire to continuously learn emerging attack vectors and defensive countermeasures. Outstanding communication skills, with the ability to explain offensive security techniques to both technical and non-technical stakeholders. Howyouwill Grow At Deloitte,we have invested a great deal to create arich environment in whichour professionals can grow.We want all ourpeopleto developin their own way,playingto theirown strengthsastheyhonetheirleadershipskills.And,as a part of our efforts, we provide our professionals with a variety of learning and networking opportunities—including exposuretoleaders,sponsors,coaches,andchallengingassignments—tohelpacceleratetheircareersalongtheway. No two people learn in exactly the same way. So, we provide a range of resources, including live classrooms, team-based learning,and eLearning.Deloitte University(DU):The LeadershipCenter in India,our state-of-the-art, world-class learning centerin the Hyderabad office, is an extension of the DU in Westlake, Texas, and represents a tangiblesymbolofourcommitmenttoourpeople’sgrowthanddevelopment. ExploreDU:TheLeadershipCenterin India . Benefits AtDeloitte,weknowthatgreatpeoplemakeagreatorganization.Wevalueourpeopleandofferemployeesabroad range of benefits. Learn more about what working at Deloitte can mean for you. Deloitte’s culture Our positive and supportive culture encourages our people to do their best workeveryday. We celebrate individuals by recognizing their uniqueness and offering them the flexibility to make daily choices that can help them to be healthy,centered,confident,andaware.Weofferwell-beingprogramsandarecontinuouslylookingfornewwaysto maintainaculturethatisinclusive,invitesauthenticity,leveragesourdiversity,andwhereourpeopleexcelandlead healthy, happy lives. Learn more about Life at Deloitte. Corporate citizenship Deloitte is led by a purpose: to make an impact that matters. This purpose defines who we are and extends to relationshipswithourclients,ourpeople,andourcommunities.Webelievethatbusinesshasthepowertoinspireand transform.We focus on education,giving,skill-basedvolunteerism,and leadership to help drive positive social impact in our communities. Learn more about Deloitte’s impact on the world. Our purpose Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Professional development At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India . Benefits To Help You Thrive At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Requisition code: 300440

We are seeking a highly skilled Senior Application Engineer with strong expertise in network infrastructure, application deployment, and enterprise security tools. The ideal candidate will design and manage robust network architectures while ensuring performance, reliability, and cybersecurity compliance. The role includes working on LAN/WAN/VPN infrastructure, supporting application performance, and managing EDR, XDR, SIEM, and MDM platforms. 🛠 Key Responsibilities: Network & Infrastructure: Design, implement, and manage LAN, WAN, VPN, and wireless network architectures. Configure and install firewalls, routers, switches, and access points. Monitor and maintain network performance, uptime, and security posture. Troubleshoot complex network outages and performance bottlenecks. Maintain network documentation, diagrams, and topology maps. Application Engineering: Lead application deployment, performance tuning, and upgrade rollouts. Manage middleware, web, and application servers (e.g., Apache, Tomcat, IIS). Monitor application health, logs, and metrics for performance or anomalies. Ensure application availability, redundancy, and disaster recovery readiness. Collaborate with DevOps and development teams for CI/CD and production support. Security & Governance: Manage and respond to alerts from EDR/XDR and SIEM platforms (e.g., Splunk, Microsoft Defender, SentinelOne). Implement MDM and endpoint hardening policies. Enforce network segmentation and Zero Trust security principles. Support container security in Docker and Kubernetes environments. 🧰 Tools & Skills: Wireshark, Burp Suite, Nmap, Nessus, Qualys, Splunk, etc. Deep understanding of security frameworks and best practices. Strong documentation, communication, and team collaboration skills. Ability to multitask in a fast-paced and evolving tech landscape. 🎓 Qualifications: B.E. / B.Tech / M.Tech in Computer Science, IT, or equivalent. 3+ years of hands-on experience in network, system, or application engineering. Industry certifications preferred (CCNP, RHCE, CEH, Azure/AWS Security, etc.).

At F5, we strive to bring a better digital world to life. Our teams empower organizations across the globe to create, secure, and run applications that enhance how we experience our evolving digital world. We are passionate about cybersecurity, from protecting consumers from fraud to enabling companies to focus on innovation. Everything we do centers around people. That means we obsess over how to make the lives of our customers, and their customers, better. And it means we prioritize a diverse F5 community where each individual can thrive. Position Overview: F5 is seeking a highly experienced and results-driven Technical Program Manager (TPM) to lead and manage critical programs focused on software security. This is a senior level role that will drive initiatives that enhance F5’s security posture by implementing best practices for vulnerability management, security scanners, CVE tracking, Security Software Development Life Cycle (SDLC), and more. The ideal candidate will have a deep understanding of security programs, a strong technical background in software development, and a proven track record of successfully delivering cross-functional initiatives in complex environments. As a trusted leader, you will collaborate closely with engineering, security, product, and operations teams to ensure F5’s products and processes meet the highest security standards while enabling business objectives. Key Responsibilities: Program Management: Strategically plan and deliver programs and initiatives across key security and vulnerability management areas, including implementation of security tools (scanners, CI/CD integrations), tracking and addressing vulnerabilities (e.g., CVEs), and enforcing best practices throughout the software development lifecycle. Own program roadmaps, timelines, deliverables, and reporting, ensuring execution aligns with business goals, security requirements, and resource capacity. Drive key metrics and outcomes for security, tracking improvements in vulnerability remediation, compliance, and overall risk reduction. Security SDLC and Vulnerability Management: Partner with engineering and security teams to integrate Security SDLC (Secure Software Development Lifecycle) best practices into the development process, ensuring security is considered and implemented at every stage. Manage programs for vulnerability detection, assessment, and remediation to ensure timely resolution of security risks identified across F5 products and environments. Develop and implement governance processes for tracking and addressing externally reported vulnerabilities, such as Common Vulnerabilities and Exposures (CVEs), ensuring effective prioritization and swift resolution. Cross-Functional Collaboration: Build strong relationships with software engineering, product management, cybersecurity, IT, and operations teams to foster alignment across security-related goals and projects. Act as the central point of coordination for security initiatives, driving progress and ensuring accountability across stakeholders. Facilitate efficient communication between technical and non-technical teams to ensure clarity around priorities, goals, and timelines. Risk and Compliance Management: Drive alignment on security requirements, risk tolerance, and compliance needs, partnering with internal and external security auditors where required. Ensure teams are meeting corporate and industry security standards, including regulatory and policy compliance, while achieving development velocity. Proactively identify and manage security risks through effective mitigation planning and ongoing tracking. Process Improvement and Tooling: Evaluate current security program practices, tools, and workflows, identifying gaps and opportunities for improvement in efficiency and effectiveness. Lead the implementation of automated tools for static and dynamic code analysis, dependency scanning, and configuration management to identify and address vulnerabilities earlier in the development process. Metrics and Reporting: Define, track, and report on KPIs and success metrics for security efforts, including vulnerability remediation rates, defect density reduction, and SLAs for incident response. Provide clear and actionable updates to executive leadership and key stakeholders on the status of security programs, progress, risks, and outcomes. Qualifications: Education: Bachelor’s degree in Computer Science, Software Engineering, Cybersecurity, or a related technical discipline (Master’s preferred). Experience: 8+ years of experience in program management, with at least 3 years focused on security programs, vulnerability management, or security operations (senior level); 10+ years for principal level. Proven experience implementing Security SDLC processes and collaborating with software teams to deliver secure, production-grade solutions. Solid understanding of security domains, particularly vulnerability scanning tools (e.g., Tenable Nessus, Snyk, Qualys), CVE tracking, dependency management, and secure coding practices. Technical Expertise: In-depth knowledge of software development methodologies, including Agile and DevSecOps principles. Familiarity with CI/CD pipelines, source code repositories, and tools for static/dynamic application security testing (e.g., SonarQube, Checkmarx, Veracode). Understanding of vulnerability databases (e.g., NVD), common exploitation techniques, and secure design principles. Basic understanding of threat modeling and risk assessment techniques (stronger expertise is a plus). Leadership and Collaboration: Experience working in highly cross-functional, multi-team environments, with the ability to motivate, guide, and align diverse stakeholders. Exceptional interpersonal, written, and verbal communication skills, with the ability to convey complex security requirements and issues to non-technical audiences, executives, and engineering teams alike. Demonstrated ability to influence without authority and lead by example. Problem Solving and Decision Making: Ability to analyze complex problems, evaluate trade-offs, and make sound decisions in a fast-paced environment. Strong risk management skills, with the ability to balance security needs with engineering velocity and business priorities. Preferred Qualifications: Project management certification (e.g., PMP, PgMP, or PMI-ACP) or security-related certifications (e.g., CISSP, CISM, or CISA). Experience with cloud security and platform-oriented vulnerability management tools like Bugzilla or similar. Familiarity with emerging cybersecurity trends and zero-day vulnerability exploitation techniques. Knowledge of networking and application delivery technologies (F5 experience is a plus!). The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change. Please note that F5 only contacts candidates through F5 email address (ending with @f5.com) or auto email notification from Workday (ending with f5.com or @myworkday.com) . Equal Employment Opportunity It is the policy of F5 to provide equal employment opportunities to all employees and employment applicants without regard to unlawful considerations of race, religion, color, national origin, sex, sexual orientation, gender identity or expression, age, sensory, physical, or mental disability, marital status, veteran or military status, genetic information, or any other classification protected by applicable local, state, or federal laws. This policy applies to all aspects of employment, including, but not limited to, hiring, job assignment, compensation, promotion, benefits, training, discipline, and termination. F5 offers a variety of reasonable accommodations for candidates. Requesting an accommodation is completely voluntary. F5 will assess the need for accommodations in the application process separately from those that may be needed to perform the job. Request by contacting accommodations@f5.com.

Job requisition ID :: 81576 Date: Jul 3, 2025 Location: Kochi Designation: Consultant Entity: Deloitte Touche Tohmatsu India LLP Your potential, unleashed. India’s impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile. As an Consultant /Assistant Manager / Deputy Manager in our Cyber Team, you’ll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Total 2+years of experience in Cyber security VAPT- Web Application Security Pentesting, Mobile Application Testing, Infra Testing, Source Code Review, Cloud Configuration Review Certification - OSCP, CRTP, CEH, EJPT Understanding of basic business and information technology management processes. Good knowledge of TCP/ IP and Networks including Firewall, IDS/IPS, Routers, Switches, and network architecture. Experience of Web Application Security Testing, Infrastructure VAPT, API testing. Experience on Mobile Security Pen-Testing (iOS and Android). Experience in conducting config reviews of Windows, Linux, UNIX, Solaris, Databases, etc. Experience with Vulnerability Management tools: Kali Linux, Acunetix, AppScan, Nexpose, Qualys Guard, Nessus, Nmap, Metasploit, Fortify etc. Experience in basic scripting such as: Shell, Python, PERL, etc. Basic knowledge of Technologies such as: IPSEC, SSL, SSH, VPN, Ethernet Token Ring, WAP, SMTP, FTP, Frame Relay, WAN, ATM, FDDI, DSL, ISDN, HP Openview, Sun NetManage, Cisco Works, Radius, Big Brother, F5 Desired qualifications B.Tech/M.Tech Candidates must possess security certification of CEH, LPT, OSCP. Good to have security certification for GPEN, CREST/ Your role as a Consultant We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society. In addition to living our purpose, Senior Executive across our organization must strive to be: Inspiring - Leading with integrity to build inclusion and motivation Committed to creating purpose - Creating a sense of vision and purpose Agile - Achieving high-quality results through collaboration and Team unity Skilled at building diverse capability - Developing diverse capabilities for the future Persuasive / Influencing - Persuading and influencing stakeholders Collaborating - Partnering to build new solutions Delivering value - Showing commercial acumen Committed to expanding business - Leveraging new business opportunities Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization Effective communication – Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s) Managing change - Responding to changing environment with resilience Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte Empathetic leadership and inclusivity - creating a safe and thriving environment where everyone's valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive. How you’ll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the world’s most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyone’s welcome… entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution. In this regard, you may refer to a more detailed advisory given on our website at: https://www2.deloitte.com/in/en/careers/advisory-for-career-aspirants.html?icid=wn_