57 Red Teaming Jobs

https://zrec.in/fzrVM?source=CareerSite

The Security Testing Operations Analyst is a crucial role for the vulnerability management and offensive testing activities across the group to which protects the business from sophisticated cyber threats! The role holder will work with our 3rd party vendors to plan and facilitate our testing programmes ensuring they run efficiently. These programmes include our regulator led Thread Intelligence Led Pen Testing (TLTP), Red teaming, Social engineering simulations, B ug Bounty and external vulnerability scanning services. The applicant will be a domain authority on vulnerability impact and risk, provide insight on root cause analysis and remediation. This role requires working closely within a technical team and with external teams, BISOs, the GSOC, and other entities. The candidate will stay ahead of emerging cyber security thought leadership sharing ideas for areas of improvement and innovation to support good risk decisions making that drive continuous security risk improvement Role Responsibilities & Key Accountabilities: Collaborate with external vendors coordinating the timely delivery of requirements Review vulnerability reports, validate issues reported and triage based on risk Support teams in understanding vulnerabilities and validate fixes through retesting Coordinate remediation efforts by detailing actions, owners and timelines. Then follow up where appropriate Qualifications & Experience: Technology related Bachelor&aposs Degree or equivalent experience and certifications in cyber security Background in Red Teaming / Penetration Testing / Bug Bounty advantageous! Understanding of enterprise IT system environments Knowledge of security vulnerabilities and common software engineering flaws and Network Defence analytical models (Kill Chain, ATT&CK, etc.) Strong verbal & written communication skills & presentation skills Ability to work in a fast-paced environment as a problem solver and barrier breaker with initiative LSEG is a leading global financial markets infrastructure and data provider. Our purpose is driving financial stability, empowering economies and enabling customers to create sustainable growth. Our purpose is the foundation on which our culture is built. Our values of Integrity, Partnership , Excellence and Change underpin our purpose and set the standard for everything we do, every day. They go to the heart of who we are and guide our decision making and everyday actions. Working with us means that you will be part of a dynamic organisation of 25,000 people across 65 countries. However, we will value your individuality and enable you to bring your true self to work so you can help enrich our diverse workforce. You will be part of a collaborative and creative culture where we encourage new ideas and are committed to sustainability across our global business. You will experience the critical role we have in helping to re-engineer the financial ecosystem to support and drive sustainable economic growth. Together, we are aiming to achieve this growth by accelerating the just transition to net zero, enabling growth of the green economy and creating inclusive economic opportunity. LSEG offers a range of tailored benefits and support, including healthcare, retirement planning, paid volunteering days and wellbeing initiatives. We are proud to be an equal opportunities employer. This means that we do not discriminate on the basis of anyone&aposs race, religion, colour, national origin, gender, sexual orientation, gender identity, gender expression, age, marital status, veteran status, pregnancy or disability, or any other basis protected under applicable law. Conforming with applicable law, we can reasonably accommodate applicants' and employees' religious practices and beliefs, as well as mental health or physical disability needs. Please take a moment to read this privacy notice carefully, as it describes what personal information London Stock Exchange Group (LSEG) (we) may hold about you, what it&aposs used for, and how it&aposs obtained, your rights and how to contact us as a data subject . If you are submitting as a Recruitment Agency Partner, it is essential and your responsibility to ensure that candidates applying to LSEG are aware of this privacy notice. Show more Show less

Job Description Mission The Triager CERT position is part of the Groups Computer Emergency Response Team (CERT), the organization’s cyber defense division. The team’s mission is centered around three critical areas: 1. Threat Prevention & Crisis Preparedness – Proactively anticipating and mitigating threats while preparing for potential cyber crises. 2. Threat Detection & Analysis – Identifying vulnerabilities, detecting threats, and uncovering attacks. 3. Incident Response – Investigating, managing, and resolving security incidents while mitigating their impact on the IT ecosystem. 4. Analyzes risks, performs studies and implements solutions to ensure the security of IT and digital solutions (availability, integrity, confidentiality, traceability). Additional Information: This position operates within a follow-the-sun model to ensure global coverage and requires 3-4 days of office presence per week. Weekend on-call support will be on a rotational basis. Experience and Skills Required: 5- 10 years of experience in the IT security domain, with a background in IT development or DevOps. Proven ability to maintain confidentiality and discretion in handling sensitive information. Extensive experience with incident management and familiarity with SIEM tools. Strong collaboration skills, with the ability to work effectively in a global team environment. Behavior skills: Exceptional organizational and analytical skills. Ability to work in a fast-paced environment while maintaining attention to detail. Strong communication and interpersonal skills to liaise with global teams and stakeholders. Proactive mindset with a commitment to continuous improvement in incident management processes. KEY EXPECTED ACHIEVEMENTS: Service Delivery Manager (SDM) – 70% The primary responsibility of the SDM is to ensure the efficient functioning of the incident response process within CERT, ensuring that attacks are detected and contained. Key duties include: Monitoring security alerts raised through various channels. Understanding incidents, assessing their criticality and priority. Creating or modifying tickets and assigning them to analysts. Tracking ticket resolution to ensure closure in compliance with SLAs. Maintaining constant communication with global CERT teams (France, Americas, India, and China) and other stakeholders (e.g., DOTI, DOMF). Consolidating and publishing statistics/figures related to incidents handled by CERT and other stakeholders. This includes: Verifying SLA compliance, especially for priority 1 incidents. Quantifying the number of incidents handled by CERT based on various analytical axes. Analyzing SLAs, proposing improvement actions, and following up on their implementation. Keeping the following documentation updated: Skills matrix for ticket orientation. Analyst access management. Decision trees for incident routing. Additional Activities – 30% Depending on their expertise, the triager may be assigned occasional missions within the team, such as: Development projects. Security incident response tasks.

You will be responsible for leading and mentoring a team of security professionals in executing offensive security assessments, penetration testing, and red team exercises. A deep understanding of attack methodologies, vulnerability research, and security best practices, coupled with strong leadership and communication skills, is essential. Your role as the Red Team Leader will be pivotal in enhancing the organization's security posture by identifying weaknesses and offering actionable recommendations. Your key responsibilities will include leading, mentoring, and developing a high-performing red team, planning and executing complex red team exercises and penetration tests, developing and maintaining red team methodologies and tools, preparing and delivering clear reports to management, collaborating with other security stakeholders, conducting vulnerability research, staying updated on the latest threat intelligence, continuously improving red team processes, and ensuring compliance with legal and ethical standards. To excel in this role, you should ideally have a Bachelor's degree in Computer Science, Information Security, or a related field, along with relevant certifications such as OSCP, OSCE, GPEN, or CEH. Extensive experience in penetration testing, red teaming, and offensive security, along with demonstrated leadership experience, is required. Proficiency in network protocols, operating systems, web applications, security tools, scripting languages like Python and Bash, penetration testing frameworks like Metasploit and Cobalt Strike, and various attack techniques is crucial. Excellent communication, interpersonal, and leadership skills, along with a strong attacker mindset, passion for security, and ethical conduct, are essential. Preferred qualifications include experience in large-scale enterprise software development, cloud security assessments, and knowledge of security architecture and design.,

Job Title: Lead Assistant Manager - Offensive Security (IC Role) We are looking for a skilled offensive security professional to take a leading role in executing and enhancing our offensive security operations. This is an individual contributor (IC) position, with Lead reflecting the expectation to drive engagements technically and operationally - not people management. The ideal candidate will have 3-5 years of hands-on experience in red teaming, adversary simulation, or penetration testing, with a solid understanding of attacker tradecraft and the ability to execute advanced offensive assessments. You will be responsible for planning, executing, and reporting on offensive engagements that accurately reflect real-world threats, working closely with internal teams to strengthen detection and response capabilities. Key Responsibilities: Lead offensive security engagements end-to-end - from scoping and planning to execution and reporting. Conduct red team and adversary emulation campaigns across infrastructure, applications, and cloud environments. Identify and exploit security gaps using realistic tactics, techniques, and procedures (TTPs) such as privilege escalation, lateral movement, and domain dominance. Participate in Purple Team exercises to enhance defensive detection and response. Maintain and improve offensive methodologies, tools, and playbooks. Deliver high-quality technical reports and concise executive summaries, clearly outlining attack paths, risks, and recommendations. Keep up to date with evolving attack techniques and integrate them into testing activities. Experience: 3-5 years of experience in red teaming, penetration testing, or other offensive security roles. Proven ability to execute and coordinate complex offensive security operations. Hands-on experience with enterprise environments, including Active Directory and cloud platforms. Technical Skills: Strong understanding of Windows and Linux internals, enterprise AD security, and common cloud attack surfaces. Proficiency in offensive techniques: lateral movement, domain escalation, Kerberoasting, delegation abuse, and token manipulation. Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Mythic) and post-exploitation tradecraft. Familiarity with tools such as BloodHound, Mimikatz, Rubeus, Responder, SharpHound, and Burp Suite. Working knowledge of the MITRE ATT&CK framework. Scripting skills in PowerShell, Python, or Bash for automation and PoC development. Communication & Reporting: Strong technical documentation skills, translating offensive findings into clear, actionable reports. Ability to explain technical vulnerabilities and attack paths to both technical teams and leadership. Preferred Qualifications: Experience with Purple Team exercises. Familiarity with threat intelligence-led testing methodologies. Exposure to AppSec testing. Relevant certifications (e.g., OSCP, CRTO, CRTP, OSEP) are a plus.

Job Title: Senior Security Analyst Location - Hyderabad & Bangalore Position Summary: Softcell Global Technologies Pvt. Ltd. is seeking a highly skilled Senior Security Analyst with strong offensive security capabilities across the Web, Network, Mobile, Active Directory, OT environments and at least 4-5 years of experience in vulnerability assessment, penetration testing and code review. The ideal candidate must demonstrate proven hands-on experience, leadership ability, and excellent communication skills to manage project delivery, lead a technical team, and coordinate directly with enterprise clients. Practical skills are mandatory, and all shortlisted candidates will undergo a practical assessment. Key Responsibilities : Conduct in-depth penetration tests on web apps, APIs, networks, cloud, and OT environments. Execute internal infrastructure and Active Directory exploitation using BloodHound, CrackMapExec, Impacket, etc. Perform OT/ICS/SCADA security testing, including assessments of protocols and firmware. Conduct comprehensive manual reviews to identify security flaws, insecure patterns, and logical vulnerabilities SAST and DAST. Chain vulnerabilities to simulate end-to-end real-world attack scenarios and provide POCs. Team Leadership & Client Coordination Lead and mentor junior security analysts during engagements. Act as the technical lead for VAPT projects, ensuring timely delivery and quality assurance. Interface directly with clients to understand requirements, present findings, and suggest remediation strategies. Manage testing schedules, reporting timelines, and escalation workflows. Draft detailed vulnerability reports with actionable remediation. Mandatory Requirements 45 years of hands-on experience in penetration testing and red teaming. Strong grasp of OWASP Top 10, MITRE ATT&CK, and real-world threat simulation. Expertise in AD security, internal lateral movement, and domain privilege escalation. Familiarity with OT security controls, risk frameworks (NIST, IEC 62443), and protocol fuzzing. Scripting proficiency in Python, PowerShell, or Bash. Exposure to tools like Nmap, Wireshark, Burp Suite, Metasploit, BloodHound, SonarQube, Checkmarx, etc Leadership experience in managing client-facing pentest projects. Bachelors degree in Computer Science, Cybersecurity, or related field. Excellent communication, documentation, and collaboration skills. Additional Details Immediate Joiners Preferred Practical Skills are a Must Location: Hyderabad and Bangalore (Onsite Only) Bonus points for published CVEs, bug bounty recognition, open-source security tools, research contributions, or participation in industry events, workshops, and communities. Preferred Certifications OSCP Offensive Security Certified Professional OSWE Offensive Security Web Expert CRTP Certified Red Team Professional CRTE Certified Red Team Expert CPENT Certified Penetration Testing Professional CEH Certified Ethical Hacker eJPT, eCPTX, CBBH, PNPT or equivalent certifications in advanced adversarial simulation. Show more Show less

Application Link: https://careers.ey.com/job-invite/1585585/ We are seeking a skilled and motivated Red Teaming Engineer to join our cybersecurity team. The ideal candidate will have a strong background in red teaming, with expertise in Active Directory and familiarity with the MITRE ATT&CK framework. You will be responsible for simulating real-world attacks to identify vulnerabilities and improve our security posture. Key Responsibilities: Conduct red team assessments to simulate advanced persistent threats (APTs) and identify vulnerabilities in our systems. Utilize the MITRE ATT&CK framework to guide attack simulations and reporting. Perform penetration testing on various systems, applications, and networks. Assess and exploit Active Directory environments to evaluate security controls and configurations. Collaborate with other security teams to develop and implement effective remediation strategies. Document findings and provide detailed reports on vulnerabilities, risks, and recommendations for improvement. Stay updated on the latest security threats, trends, and technologies. Mandatory Skills: Proven experience in red teaming and penetration testing. Strong knowledge of Active Directory and its security implications. Familiarity with the MITRE ATT&CK framework and its application in threat modeling. Proficiency in scripting and automation tools (e.g., Python, PowerShell). Excellent problem-solving skills and attention to detail. Strong communication skills, both written and verbal. Preferred Qualifications: Relevant certifications (e.g., OSCP, CEH, GPEN). Experience with security tools and frameworks (e.g., Metasploit, Burp Suite, Nmap). Knowledge of network protocols and security best practices.

Role & responsibilities Penetration Testing & Red Teaming Lead and execute: Mobile Application Penetration Testing (static & dynamic analysis, jailbreak/root bypass). API Vulnerability & Penetration Testing (BOLA, mass assignment, parameter tampering). Web Application Vulnerability Assessments & Exploitation (OWASP Top 10, custom attacks). Network Penetration Testing (internal & external infrastructure). Simulate real-world attack chains across mobile API cloud infra, including privilege escalation and data exfiltration. Perform reverse engineering of mobile binaries (IPA/APK), patch protections, and bypass anti-debugging. Team Leadership & Management Lead and mentor the CTR team members on mobile, API, and web security assessments. Review and validate penetration testing reports prepared by team members. Review and triage reports from external researchers submitted through bug bounty platforms and vulnerability disclosure programs. Provide strategic guidance and advisory to stakeholders on security risks, design improvements, and remediation strategies. Security Tools & Frameworks Proficiency with reverse engineering tools: Ghidra, IDA Pro, Hopper, Radare2 . Skilled in OWASP ZAP and aligned with OWASP MSTG/MASVS frameworks. Ability to create custom tools/scripts for automation and exploit development. Programming & Scripting Skills Hands-on experience with: C/C++, Objective-C, Swift, Java, Kotlin, Python . Ability to build custom security testing tools and automation frameworks. API & Cloud Security Deep knowledge of OAuth2.0, JWT, OpenID Connect, SAML . Familiarity with securing cloud-native APIs and identifying misconfigurations. Required Certifications: OffSec Experienced Penetration Tester (OSEP) Offensive Security Certified Professional (OSCP) Red Team Operator (CRTO or equivalent) eLearnSecurity Certified Penetration Tester eXtreme (eCPTX) eLearnSecurity Web Application Penetration Tester eXtreme (eWPTX) eLearnSecurity Certified Professional Penetration Tester (eCPPT) Preferred candidate profile 10+ years of experience in penetration testing, red teaming, and application security . Demonstrated ability to evade EDR/MDM detections in red team scenarios. Experience in bug bounty, vulnerability disclosure, or external researcher report validation . Strong communication and stakeholder advisory skills.

Role & responsibilities Penetration Testing & Red Teaming Lead and execute: Mobile Application Penetration Testing (static & dynamic analysis, jailbreak/root bypass). API Vulnerability & Penetration Testing (BOLA, mass assignment, parameter tampering). Web Application Vulnerability Assessments & Exploitation (OWASP Top 10, custom attacks). Network Penetration Testing (internal & external infrastructure). Simulate real-world attack chains across mobile API cloud infra, including privilege escalation and data exfiltration. Perform reverse engineering of mobile binaries (IPA/APK), patch protections, and bypass anti-debugging Security Tools & Frameworks Proficiency with reverse engineering tools: Ghidra, IDA Pro, Hopper, Radare2 . Skilled in OWASP ZAP and aligned with OWASP MSTG/MASVS frameworks. Ability to create custom tools/scripts for automation and exploit development. Programming & Scripting Skills Hands-on experience with: C/C++, Objective-C, Swift, Java, Kotlin, Python . Ability to build custom security testing tools and automation frameworks. API & Cloud Security Deep knowledge of OAuth2.0, JWT, OpenID Connect, SAML . Familiarity with securing cloud-native APIs and identifying misconfigurations. Preferred candidate profile • 5+ years of experience in code review, application security testing, or web application development • Excellent written and verbal communication skills • Strong scripting skills (e.g. Python, Ruby, Perl) • Experience with cloud platforms, such as AWS, and knowledge of cloud security best practices • Familiarity with development technologies like Docker, CDK, Terraform, Java, Python, React, GraphQL, Javascript, JSON, REST, etc. • Must possess a high degree of integrity and confidentiality, as well as the ability to adhere to both company policies and best practices • Technical background in application development, networking/system administration, security testing, or related fields • Experience with both static application security testing (SAST) and dynamic application security testing (DAST) using various tools and techniques • Preferred, but not required - one or more relevant certifications such as Offensive Security Web Assessor (OSWA), Offensive Security Web Expert (OSWE), Offensive Security Certified Professional (OSCP), Burp Suite Certified Practitioner, or AWS Certified Security Specialist.

The role involves translating customer needs into technical systems solutions and leading projects at the architecture level. It requires determining and developing architectural approaches for solutions and conducting business reviews. The ideal candidate should have 8-10 years of experience with a strong technical background in system and applications solution architecture design. Additionally, experience in designing solutions using appropriate platforms and system technologies is essential. A degree in Computer Science and Engineering is preferred. Key responsibilities include analyzing the client's needs and translating them into system and architecture requirements to ensure that the design meets the client's needs. Evaluating the client's system specifications, work practices, and business nature is crucial. Developing a solution concept design in alignment with enterprise architecture and business requirements is also a key aspect of the role. Analyzing the impact of solutions on the client's overall business processes and systems to mitigate business risks is another important responsibility. The ideal candidate for the Cyber Security Architect position should have at least 18 years of IT experience, with 10 years specifically in Cybersecurity Project Experience. Key requirements include proven experience in Cybersecurity architecture, focusing on Threat Hunting, Threat Adversaries, Offensive Security activities, and the Mitre ATT&CK framework. Expertise in delivering enterprise-level defensible security architecture and industry-specific cyber architecture framework for multiple customer projects is essential. In-depth knowledge of cybersecurity principles, practices, technologies, and methodologies is required. Hands-on experience with Cybersecurity tools and technologies such as SIEM platforms, threat intelligence platforms, endpoint detection and response (EDR) solutions, etc., in the past five years is necessary. A strong understanding of offensive security techniques, including penetration testing, Red Teaming, and Ethical Hacking, is also important. Expertise with security compliance and the ability to develop security controls adhering to security frameworks and agile practices for a leading global organization are key requirements. Candidates for this role must possess one or multiple advanced security certifications from accredited bodies, such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Offensive Security Certified Professional (OSCP), CompTIA Advanced Security Practitioner (CASP+), or Certified Information Security Manager (CISM). The location for this role is Bangalore/Ahmedabad.,

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role As a System Administrator at Kyndryl, you'll solve complex problems and identify potential future issues across the spectrum of platforms and services. You'll be at the forefront of new technology and modernization, working with some of our biggest clients - which means some of the biggest in the world. There's never a typical day as a System Administrator at Kyndryl, because no two projects are alike. You'll be managing systems data for clients and providing day-to-day solutions and security compliance. You'll oversee a queue of assignments and work directly with technicians, prioritizing tickets to deliver the best solutions to our clients. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. You'll also get the chance to share your expertise by recommending modernization options, identifying new business opportunities, and cultivating relationships with other teams and stakeholders. Does the work get challenging at times Yes! But you'll collaborate with a diverse group of talented people and gain invaluable management and organizational skills, which will come in handy as you move forward in your career. Your future at Kyndryl Every position at Kyndryl offers a way forward to grow your career, from Junior System Administrator to Architect. We have opportunities for Cloud Hyperscalers that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. One of the benefits of Kyndryl is that we work with clients in a variety of industries, from banking to retail. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. Required Technical and Professional Expertise Having 7+ years of experience in Red Teaming and Attack Simulations Infra Security Team Lead and Offensive Penetration Tester Lead targeted red team simulations and adversary emulation Coordinate purple teaming and attack simulation reports Ensure red team findings and recommendations are integrated into VM lifecycle Validate business-critical threat scenarios Provide insights to improve incident detection and response Align simulations to MITRE ATT&CK and threat intelligence trends Conduct red team tasks as per simulation plan Assist with log collection, TTP mapping, and report development Monitor exploitation success and align findings to risk scenarios Provide support for follow-up remediation verification Build/redesign red team labs and attack paths Execute hands-on exploitation and lateral movement exercises Document TTPs, validate with detection teams, and report actionable outputs Support continuous improvement of attack simulations and detection tuning Preferred Technical and Professional Experience . Automation experience, especially IaaS (infrastructure as a code) . Vulnerability management . Microsoft Active Directory and federation service Being You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learningprograms give you access to the best learning in the industry to receive certifications, includingMicrosoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked How Did You Hear About Us during the application process, select Employee Referral and enter your contact's Kyndryl email address.

As a Deputy Manager specializing in Application & Infrastructure Security with Red Teaming Skills, you will be responsible for conducting Web-Application Security Testing, Infrastructure Vulnerability Assessment, Penetration Testing, and generating detailed reports. With a minimum of 2-3 years of hands-on experience in application security and Red teaming exercises, you are expected to possess a strong understanding of security solutions including firewall, DDOS, IPS, AD, and WAF. Your role will involve thriving in a dynamic work environment that requires multi-department coordination to achieve targeted outcomes. You should have the ability to manage multiple priorities efficiently and demonstrate a proactive approach towards learning and implementing emerging trends to meet industry demands and organizational objectives. Furthermore, you will actively contribute to defining the Red team assessment program, possess excellent communication and email drafting skills, and be adept at monitoring, reporting status, and escalating any issues or risks within the plan. Your responsibilities will also include conducting independent assessments with the assistance of external red teaming vendors. To excel in this role, you should hold primary skills in CEH, OWASP, Certified Expert Penetration Tester (CEPT), Certified Cloud Penetration Tester (CEPT), or other relevant Information Security certifications/skillsets. The ideal candidate for this position should have 2 to 3 years of relevant experience in the field. This position is based in Mumbai, offering a challenging yet rewarding opportunity for individuals with a passion for enhancing cybersecurity measures and ensuring the protection of critical assets.,

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or you can apply in below post Mandatory roles: Perform Internal and External Red Teaming. Report Preparation with proof of concepts. Provide recommendations to remediate the findings. Excellent communication skill is important. Additional skills: Cyber Security Assessment & Consulting,Cyber Threat Hunting,Manual Penetration Testing using OWASP checklists,OWASP Top 10,OWASP ZAP,Penetration Testing,Static Code analysis,Static/dynamic testing of mobile applications Exp range:7 + years Who can by Immediate or 15 days max Thanks and Regards, Ankita Ghosh

As a Principal Research Scientist focusing on AI Alignment at Ola Krutrim in Bangalore, India, you will lead the efforts in Trust and Safety, Interpretability, and Red Teaming within the AI division. Your role will be crucial in ensuring that the AI systems developed are safe, ethical, interpretable, and reliable, with a significant impact on millions of lives. You will be at the forefront of cutting-edge AI research, guiding the implementation of technologies that adhere to the highest standards of safety and transparency. Your responsibilities will include providing strategic leadership for the AI Alignment division, overseeing teams dedicated to Trust and Safety, Interpretability, and Red Teaming. You will work closely with the Lead AI Trust and Safety Research Scientist and Lead AI Interpretability Research Scientist to align goals and methodologies. Developing comprehensive strategies for AI alignment, integrating advanced safety and interpretability techniques, and establishing best practices for red teaming exercises to identify vulnerabilities will be key aspects of your role. Moreover, you will collaborate with product and research teams to implement safety and interpretability aspects throughout the AI development lifecycle. Staying updated on AI ethics, safety, and interpretability research, representing the company in industry events, and managing resource allocation and strategic planning for the AI Alignment division are also part of your responsibilities. Mentoring and developing team members, fostering innovation, and communicating progress and recommendations to executive leadership will be essential in this role. To qualify for this position, you should hold a Ph.D. in Computer Science, Machine Learning, or a related field with a focus on AI safety, ethics, and interpretability. With at least 7 years of experience in AI research and development, including 3 years in a leadership role, you should have expertise in AI safety, interpretability, and red teaming methodologies. Strong knowledge of advanced techniques such as Reinforcement Learning, Proximal Policy Optimization, and attention-based methods, along with experience in overseeing red teaming exercises for AI systems, are required. Your visionary mindset, along with excellent communication skills, project management abilities, and a proven track record in AI safety, ethics, and interpretability research, will be instrumental in shaping the future of responsible AI development at Ola Krutrim. By leading cross-functional initiatives and fostering a culture of continuous learning and innovation, you will contribute to building public trust in AI technologies and positioning the company as a leader in ethical and responsible AI development.,

Chief Manager - Cyber Security Risk ROLE SUMMARY Chief Manager - Cyber Security Risk is responsible for the implementation and governance of Cyber Security Risk and Compliance frameworks. The role takes the lead for the implementation of information security policies, standards, procedures, and best practices to ensure the confidentiality, integrity, and availability of information assets. The role coordinates and conducts internal and external risk assessments to assess the effectiveness of information/cyber security controls and suggest/supervise the closure of the identified gaps. The role works closely with other business units, CISO, CIO, IT teams and external stakeholders to confirm alignment of information/cyber security objectives. KEY RESPONSIBILITIES Role and Responsibility Developing and Implementing Strategy: Implementing the cybersecurity risk management strategy that aligns with the organization's mission and objectives. This involves staying up to date with emerging threats and technologies. Risk Assessment and Analysis: Conducting regular risk assessments to identify vulnerabilities in IT systems, networks, and data. This includes evaluating the likelihood and potential impact of cyber threats. Mitigation and Control: Designing and implementing security controls and protocols to reduce identified risks to an acceptable level. This may involve using tools like firewalls, intrusion detection systems, and encryption. Compliance and Governance: Ensuring the organization complies with industry standards and government regulations. Incident Response: Leading the response to security breaches, coordinating with technical teams to contain the incident, and minimizing damage. Stakeholder Communication: Communicating complex technical risks and mitigation plans to both technical teams and non-technical stakeholders, including senior management. Team Leadership: Managing and mentoring a team of cybersecurity professionals. KEY SKILLS & BEHAVIOURAL ATTRIBUTES Expertise in information/Cyber security standards, frameworks, and best practices, such as ISO 27001, NIST etc. Ability to assess security policies, procedures, and controls across the organization. Experience in conducting risk assessments and compliance reviews and preparing reports and recommendations. Strong leadership and communication skills, with the ability to influence and collaborate with senior management and stakeholders. Knowledge of emerging security threats, trends and technologies, and the ability to proactively identify and mitigate risks. Critical thinking and problem-solving skills, with the ability to analyze complex situations and provide effective solutions. High ethical standards and integrity, with the ability to handle confidential and sensitive information. EDUCATION / EXPERIENCE Graduate / Postgraduate in computer science, information systems/ Technology, Cybersecurity, or a related field Minimum 10 years of experience in information security management, compliance, and risk assessment roles, preferably in a large and complex organization. Certification in relevant security domains, such as CISSP, CISM, CRISC, CEH, Red Teaming etc Should have strong leadership, communication, analytical and problem-solving skills. Display a high level of integrity, professionalism, and ethical conduct.

As a Cybersecurity Specialist, you will be at the forefront of protecting Kyndryl's customers computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. You will use a variety of tools and techniques to defend against a wide range of cyber threats, such as malware, ransomware, phishing attacks, and data breaches. But that's not all – at Kyndryl, you will also have the opportunity to implement new cybersecurity systems and policies to ensure the protection of our customers’ data and assets. You will monitor and review potential threats from various cybersecurity systems and conduct proof-of-concepts (POCs) with new cyber security software to evaluate its effectiveness and potential integration into the organization's systems. Not only will you be responsible for ensuring the security of Kyndryl's customers’ network and systems, but you will also enrich the organization’s knowledge towards potential cyber threats and best practices. You will provide automation scripts for threat hunting in customer environments using lessons learned from Cyber-attacks. You will also have the opportunity to conduct penetration testing and threat and vulnerability assessments of applications, operating systems, and networks, responding to cybersecurity breaches and identifying intrusions. You will research and evaluate cybersecurity threats and perform root cause analysis, all while assisting in the creation and implementation of security solutions. Additionally, you will have the opportunity to work in the area of security innovation, creating and experimenting with “outside the box” ideas that could change the trajectory of cyber security. This is a unique opportunity to work with cutting-edge technology, be part of a dynamic team, and make a significant impact in the world of cybersecurity. If you're up for the challenge, apply now to join Kyndryl's cybersecurity team! Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others. Required Skills and Experience: Having 6 + years of Experience in Red Teaming and Attack Simulations Infra Security Team Lead and Offensive Penetration Tester • Lead targeted red team simulations and adversary emulation • Coordinate purple teaming and attack simulation reports • Ensure red team findings and recommendations are integrated into VM lifecycle • Validate business-critical threat scenarios • Provide insights to improve incident detection and response • Align simulations to MITRE ATT&CK and threat intelligence trends Preferred Skills and Experience: • Build/redesign red team labs and attack paths • Execute hands-on exploitation and lateral movement exercises • Document TTPs, validate with detection teams, and report actionable outputs • Support continuous improvement of attack simulations and detection tuning

You should have at least 3 years of experience in VAPT, ethical hacking, Red teaming, or security testing. Your main responsibilities will include conducting security assessments such as network, web, mobile, and cloud penetration testing. You will be expected to identify, exploit, and document vulnerabilities to evaluate the security status of systems. In addition, you will need to perform manual testing in conjunction with automated tools to conduct thorough security analysis. Your role will also involve preparing detailed security reports that outline findings, risk impact, and recommendations for mitigation. It will be crucial for you to effectively present these findings to technical teams and senior management in a clear and actionable manner. Collaborating with development and IT teams to address identified vulnerabilities will be a key part of your responsibilities. Moreover, you will be required to offer guidance on security best practices, secure coding, and infrastructure hardening. Any relevant certifications such as CEH, OSCP, CISSP, etc., will be considered a significant advantage in this role.,

You have an exciting opportunity to advance your career as a Cybersecurity Architect III at JPMorgan Chase within the Adversarial Insights team in the Cybersecurity & Control team. In this role, you will be part of a dedicated team focused on addressing cybersecurity challenges and strengthening our security posture. Your responsibilities will include participating in design and implementation review workshops from an adversarial perspective, conducting security reviews, and suggesting technical controls to protect our critical infrastructure from both internal and external threats. You will collaborate with product security and engineering teams to evaluate strategic solutions for various technologies such as on-premises, cloud, Blockchain, and AI/ML. Engaging in architecture reviews will allow you to interact with stakeholders and make valuable contributions to our cybersecurity initiatives. Furthermore, you will be involved in conducting thorough analyses of security and process gaps, offering insights and recommendations to senior leadership. Your role will also entail identifying security vulnerabilities through an adversary-led approach, assessing security controls, and proposing risk mitigation strategies. Building strong relationships with stakeholders and delivering exceptional service during and after architecture reviews are key aspects of this position. You will have the opportunity to work collaboratively towards common objectives and contribute to the development of strategic security solutions that support JPMC businesses. Job Responsibilities: - Conduct security configuration, deployment, design, and architecture reviews to ensure alignment with organizational policies and standards. - Collaborate with product teams across different technology domains to assess architecture and deployment patterns for compliance with security methodologies. - Identify security weaknesses in product attack surfaces, verify security controls, and recommend risk mitigation strategies. - Coordinate remediation efforts with stakeholders to address thematic issues. - Provide outstanding service to stakeholders throughout architecture reviews. - Collaborate effectively to establish meaningful relationships and accomplish shared goals. - Contribute to the creation of strategic security solutions that benefit JPMC businesses. Required Qualifications, Capabilities, and Skills: - Formal training or certification in Cybersecurity concepts with at least 3 years of applied experience. - Proficiency in application, data, and infrastructure architecture disciplines. - Strong analytical skills with the ability to perform root cause analysis. - Hands-on experience in offensive security, including penetration testing and red teaming. - Proficiency in Python or other scripting languages. - Expertise in security design/architecture reviews and code review/threat modeling at an enterprise level for a minimum of 2 years. - Experience in areas such as Data Security, Infrastructure Security, Application Security, Cloud Security, Endpoint/Platform Security, Security Analytics, and security testing or compliance frameworks. - Strategic thinking skills with a keen interest in business strategy and processes. Preferred Qualifications, Capabilities, and Skills: - Familiarity with Microservices Architecture, Multi-Cloud environments (AWS, GCP, Azure), and OAuth.,

The HiLabs Story HiLabs is a leading provider of AI-powered solutions to clean dirty data, unlocking its hidden potential for healthcare transformation. HiLabs is committed to transforming the healthcare industry through innovation, collaboration, and a relentless focus on improving patient outcomes. HiLabs Team Multidisciplinary industry leaders Healthcare domain experts AI/ML and data science experts Professionals hailing from the worlds best universities, business schools, and engineering institutes including Harvard, Yale, Carnegie Mellon, Duke, Georgia Tech, Indian Institute of Management (IIM), and Indian Institute of Technology (IIT). Job Title : Cloud Security Lead Job Location : Bangalore, Karnataka / Pune Maharashtra - India Job summary: We are a leading Software as a Service (SaaS) company that specializes in the transformation of data in the US healthcare industry through cutting-edge Artificial Intelligence (AI) solutions. We are looking for a Cloud Security Lead to take ownership of our cloud security posture as we scale our healthcare SaaS platform. The ideal candidate is hands-on, has strong experience with ethical hacking and penetration testing, and is passionate about building secure, compliant, and highly available systems in the cloud. In this role, you will work closely with engineering, DevOps, and compliance teams to ensure that patient data and healthcare workflows are protected in line with HIPAA, SOC 2, and other healthcare-specific regulations Responsibilities Design, implement, and continuously improve the cloud security architecture for our SaaS platform hosted on AWS/Azure/GCP. Conduct ethical hacking, red teaming, and penetration tests to proactively identify vulnerabilities. Integrate Dev-Ops best practices into the software development lifecycle and infrastructure provisioning. Define and enforce IAM policies, encryption standards, VPC and firewall configurations, and secure network design. Drive incident response and disaster recovery planning for cloud environments. Collaborate with compliance teams to ensure ongoing HITRUST, HIPAA, SOC 2, and ISO 27001 readiness. Lead threat modelling sessions and educate teams on secure coding and deployment practices. Stay current on industry threats and tools and recommend improvements to our security stack. Desired Profile Bachelor&aposs or Masters degree in Computer Science, Information Security, or related field. Preference for candidates from Tier 1 institutions in India (IITs, NITs, BITS Pilani, IIITs) 6+ years of experience in cloud security, infrastructure security, or cybersecurity roles. Deep hands-on experience with AWS, Azure, or GCP security services. Strong background in ethical hacking, penetration testing, and red teaming. Proficiency in tools like Burp Suite, Metasploit, Nmap, Wireshark, Nessus, and Kali Linux. Experience with DevSecOps tools and concepts (e.g., Terraform, Ansible, CI/CD security integration). Strong understanding of container security (Docker, Kubernetes). Experience securing multi-tenant SaaS platforms, especially in healthcare or regulated environments. Knowledge of compliance frameworks like HIPAA, SOC 2, and ISO 27001. Excellent communication skills and a collaborative mindset Preferred Certifications OSCP, CEH, AWS Security Specialty, CISSP, or relevant security certifications HiLabs is an equal opportunity employer (EOE). No job applicant or employee shall receive less favorable treatment or be disadvantaged because of their gender, marital or family status, color, race, ethnic origin, religion, disability, or age; nor be subject to less favorable treatment or be disadvantaged on any other basis prohibited by applicable law. HiLabs is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse and inclusive workforce to support individual growth and superior business results. Thank you for reviewing this opportunity with HiLabs! If this position appears to be a good fit for your skillset, we welcome your application. HiLabs Total Rewards Competitive Salary, Accelerated Incentive Policies, H1B sponsorship, Comprehensive benefits package that includes ESOPs, financial contribution for your ongoing professional and personal development, medical coverage for you and your loved ones, 401k, PTOs & a collaborative working environment, Smart mentorship, and highly qualified multidisciplinary, incredibly talented professionals from highly renowned and accredited medical schools, business schools, and engineering institutes. CCPA disclosure notice - https://www.hilabs.com/privacy Show more Show less

The HiLabs Story HiLabs is a leading provider of AI-powered solutions to clean dirty data, unlocking its hidden potential for healthcare transformation. HiLabs is committed to transforming the healthcare industry through innovation, collaboration, and a relentless focus on improving patient outcomes. HiLabs Team Multidisciplinary industry leaders Healthcare domain experts AI/ML and data science experts Professionals hailing from the worlds best universities, business schools, and engineering institutes including Harvard, Yale, Carnegie Mellon, Duke, Georgia Tech, Indian Institute of Management (IIM), and Indian Institute of Technology (IIT). Job Title : Cloud Security Lead Job Location : Bangalore, Karnataka / Pune Maharashtra - India Job summary: We are a leading Software as a Service (SaaS) company that specializes in the transformation of data in the US healthcare industry through cutting-edge Artificial Intelligence (AI) solutions. We are looking for a Cloud Security Lead to take ownership of our cloud security posture as we scale our healthcare SaaS platform. The ideal candidate is hands-on, has strong experience with ethical hacking and penetration testing, and is passionate about building secure, compliant, and highly available systems in the cloud. In this role, you will work closely with engineering, DevOps, and compliance teams to ensure that patient data and healthcare workflows are protected in line with HIPAA, SOC 2, and other healthcare-specific regulations Responsibilities Design, implement, and continuously improve the cloud security architecture for our SaaS platform hosted on AWS/Azure/GCP. Conduct ethical hacking, red teaming, and penetration tests to proactively identify vulnerabilities. Integrate Dev-Ops best practices into the software development lifecycle and infrastructure provisioning. Define and enforce IAM policies, encryption standards, VPC and firewall configurations, and secure network design. Drive incident response and disaster recovery planning for cloud environments. Collaborate with compliance teams to ensure ongoing HITRUST, HIPAA, SOC 2, and ISO 27001 readiness. Lead threat modelling sessions and educate teams on secure coding and deployment practices. Stay current on industry threats and tools and recommend improvements to our security stack. Desired Profile Bachelor&aposs or Masters degree in Computer Science, Information Security, or related field. Preference for candidates from Tier 1 institutions in India (IITs, NITs, BITS Pilani, IIITs) 6+ years of experience in cloud security, infrastructure security, or cybersecurity roles. Deep hands-on experience with AWS, Azure, or GCP security services. Strong background in ethical hacking, penetration testing, and red teaming. Proficiency in tools like Burp Suite, Metasploit, Nmap, Wireshark, Nessus, and Kali Linux. Experience with DevSecOps tools and concepts (e.g., Terraform, Ansible, CI/CD security integration). Strong understanding of container security (Docker, Kubernetes). Experience securing multi-tenant SaaS platforms, especially in healthcare or regulated environments. Knowledge of compliance frameworks like HIPAA, SOC 2, and ISO 27001. Excellent communication skills and a collaborative mindset Preferred Certifications OSCP, CEH, AWS Security Specialty, CISSP, or relevant security certifications HiLabs is an equal opportunity employer (EOE). No job applicant or employee shall receive less favorable treatment or be disadvantaged because of their gender, marital or family status, color, race, ethnic origin, religion, disability, or age; nor be subject to less favorable treatment or be disadvantaged on any other basis prohibited by applicable law. HiLabs is proud to be an equal opportunity workplace dedicated to pursuing and hiring a diverse and inclusive workforce to support individual growth and superior business results. Thank you for reviewing this opportunity with HiLabs! If this position appears to be a good fit for your skillset, we welcome your application. HiLabs Total Rewards Competitive Salary, Accelerated Incentive Policies, H1B sponsorship, Comprehensive benefits package that includes ESOPs, financial contribution for your ongoing professional and personal development, medical coverage for you and your loved ones, 401k, PTOs & a collaborative working environment, Smart mentorship, and highly qualified multidisciplinary, incredibly talented professionals from highly renowned and accredited medical schools, business schools, and engineering institutes. CCPA disclosure notice - https://www.hilabs.com/privacy Show more Show less

Job Description: Prudent Technologies and Consulting is seeking an experienced Principal Application Security Engineer to lead our rapidly expanding web application penetration testing services. This senior-level position will play a critical role in advancing our offensive security capabilities, mentoring junior security consultants, and delivering high-value security assessments to our global client base. The ideal candidate will combine technical expertise in web application security with leadership skills and client engagement experience to drive our security consulting practice forward. As a Principal Application Security Engineer, you will serve as a technical leader within our offensive security practice, specializing in web application penetration testing methodologies. You will lead complex security engagements, provide subject matter expertise to clients and internal teams, mentor junior security consultants, and contribute to the development of our service offerings. This position requires a deep understanding of application security principles, extensive hands-on testing experience, and exceptional communication skills to translate technical findings into actionable business insights. Responsibilities: Lead complex web application penetration testing engagements for enterprise clients, ensuring delivery of high-quality assessments that meet or exceed client expectations. Serve as the principal security advisor to clients, translating technical findings into business context and providing strategic remediation guidance. Develop and enhance the organization's application security testing methodologies, incorporating industry best practices like OWASP and MITRE ATT&CK frameworks. Perform advanced manual testing to identify sophisticated vulnerabilities beyond the capabilities of automated tools, including business logic flaws, authentication bypasses, and authorization weaknesses. Conduct comprehensive threat modeling sessions with development teams to identify security risks early in the software development lifecycle. Lead code reviews to identify security vulnerabilities in client applications and provide remediation guidance. Create detailed technical reports and executive summaries that clearly articulate security findings, business impact, and prioritized remediation recommendations. Mentor junior security consultants, providing technical guidance and contributing to their professional development. Collaborate with sales teams to scope complex engagements, participate in pre-sales activities, and support business development efforts. Contribute to research initiatives that enhance the company's security testing capabilities and industry reputation. Evaluate emerging tools and technologies to improve the efficiency and effectiveness of security testing processes. Qualifications: Required Qualifications: 5-8+ years of professional experience in application security, with a strong focus on web application penetration testing. Demonstrated expertise in identifying, exploiting, and documenting complex web application vulnerabilities following OWASP methodologies. Proficiency with industry-standard penetration testing tools including Burp Suite Professional, DAST scanners, and other exploitation frameworks. Experience leading security assessments across diverse technologies and environments including web applications, APIs, cloud services (AWS, Azure, GCP), and modern web frameworks. Strong understanding of secure coding practices, common vulnerability patterns, and remediation strategies across multiple programming languages and frameworks. Exceptional technical writing skills, with the ability to produce clear, concise, and compelling security assessment reports for both technical and executive audiences. Proven ability to build trusted relationships with clients and effectively communicate complex security concepts to technical and non-technical stakeholders. Experience mentoring junior security professionals and leading technical teams. Preferred Qualifications: Bachelor's degree in computer science, cybersecurity, or related technical field. Good to have (preferred) advanced security certifications such as OSWE, GWAPT, GPEN, OSCP, or equivalent industry recognitions. Experience developing custom tools or scripts to automate aspects of penetration testing using Python, Go, or similar languages. Prior software development experience that informs a deep understanding of modern application architectures and development practices. Contributions to the security community through published research, CVE discoveries, open-source tool development, or conference presentations. Experience with mobile application security testing (iOS and Android) and API security assessment methodologies. Knowledge of cloud security architecture and specialized cloud service penetration testing techniques. Experience with AI/ML system security evaluation and testing methodologies. Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudent's specific approach and methodology. Bachelor's degree in computer science, cybersecurity, or related technical field.

Job Description: Prudent Technologies and Consulting is hiring for a fast-growing Cybersecurity team that supports a customer base including the worlds largest organizations. We have an immediate opening for a Senior Application Security Consultant. The role requires an experienced offensive consultant who understands application security testing methodologies, frameworks, tools and reporting. As a Senior Consultant you will perform and lead technical teams to conduct thorough security assessments as well as perform field related research. Candidates should be familiar with a variety of technologies including web, mobile, API, AI/LM, cloud, desktop, single sign-on and OAuth. Responsibilities: Consult with technical and non-technical client stakeholders Collaborate with Sales teams to assist in scoping efforts Lead projects and mentor less experienced consultants Perform advanced comprehensive penetration tests, adhering to industry-standard best practices Conduct penetration testing across diverse environments, including desktop applications, mobile applications, web applications, cloud environments, on-prem environments, APIs and AI/LM Document and report vulnerabilities, show proof-of-concepts where applicable, and provide detailed explanations to highlight severity, business impact, and tailored remediation steps Manages priorities and tasks to achieve utilization targets Participate in research and development efforts to improve the Cybersecurity practice Qualifications: Required Qualifications: 8+ years of direct experience performing manual penetration testing assessments on desktop applications, mobile applications, web applications, cloud environments, API and AI/LM Proficient at using penetration testing tools such as Burp Suite, DAST scanners, Metasploit and Nessus to identify and exploit vulnerabilities Able to write deliverable reports, including executive summaries and presentations, and status reports for clients Understanding of industry-standard security frameworks (e.g., OWASP and MITRE ATT&CK) Excellent project management, leadership, time management, and client consulting skills Preferred Qualifications: Bachelors degree in computer science, information security, or related field Good to have (preferred) relevant certifications (e.g., OSCP and/or OSWE) Experience with scripting languages such as Python and Bash Experience with application development, systems engineering, or similar Published CVE/CWE contributions, participation in CTF events and independent research projects Education: Direct work experience performing application penetration testing assessments; ability to begin testing immediately with guidance on Prudents specific approach and methodology

Key Responsibilities: Conduct red team exercises to simulate sophisticated, real-world attacks and evaluate the effectiveness of security controls. Perform targeted penetration tests and vulnerability assessments to uncover and exploit security weaknesses. Develop and execute complex attack scenarios to challenge the organization's defenses. Collaborate with defensive security teams to remediate identified vulnerabilities and enhance security measures. Utilize and integrate advanced offensive security tools, such as Metasploit, Burp Suite, and Kali Linux, into the red team testing framework. Provide expert analysis and interpretation of red team tools and their results. Create and maintain detailed documentation related to red team activities, including test plans, attack scenarios, and incident response procedures. Contribute to the development and delivery of specialized security training and awareness programs focused on red team techniques. Ensure design and implementation of security controls and best practices from a red team perspective. Support the Offensive Security Lead in developing and refining the red team program. Assist with the evaluation and implementation of new red team technologies and improvements to existing processes. Qualifications: Bachelor's degree in computer science, Information Security, or a related technical field. 4+ years of experience in offensive security, with a focus on penetration testing and red teaming. In-depth understanding of encryption technologies, authentication protocols, and other security mechanisms. Preferred Skills: Relevant security certifications (e.g., OSCP, OSCE, CEH, GPEN).

Ready to shape the future of work At Genpact, we don&rsquot just adapt to change&mdashwe drive it. AI and digital innovation are redefining industries, and we&rsquore leading the charge. Genpact&rsquos , our industry-first accelerator, is an example of how we&rsquore scaling advanced technology solutions to help global enterprises work smarter, grow faster, and transform at scale. From large-scale models to , our breakthrough solutions tackle companies most complex challenges. If you thrive in a fast-moving, tech-driven environment, love solving real-world problems, and want to be part of a team that&rsquos shaping the future, this is your moment. Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge, operational excellence, and cutting-edge solutions - we help companies across industries get ahead and stay ahead. Powered by curiosity, courage, and innovation , our teams implement data, technology, and AI to create tomorrow, today. Get to know us at and on , , , and . Inviting applications for the role of Senior Manager- Offensive Security Engineer We are seeking a highly skilled and experienced offensive security engineer to join our team. The ideal candidate will have at relevant experience in the security testing domain, with offensive security engagements . Responsibilities: Offensive Security Engagements: Conduct system-level and network-level red team exercises along with penetration testing activities. Tool Proficiency: Utilize offensive security tools and frameworks like Metasploit, Burp Suite, custom exploit tools, and more. Documentation & Reporting: Ensure comprehensive documentation of assessment findings along with remediation recommendations. Research & Development: Develop new attack vectors and exploit techniques while validating their effectiveness. Collaboration: Work closely with development teams and other security teams to ensure effective communication and collaboration. Project Management: Manage multiple projects simultaneously while maintaining high organizational standards. Qualifications we seek in you! Minimum Qualifications Relevant years of experience working on offensive security engagements and security testing domain Excellent proficiency with OWASP, MITRE, Generative AI security, offensive security tools, penetration testing, and red teaming frameworks Experience using tools such as Metasploit, Burp Suite, custom exploit tools and s tay updated with the latest security trends, tools and strategies. Strong problem-solving skills for researching, developing, and validating new attack vectors Excellent written and verbal communication skills for clear documentation Highly organized individual capable of managing multiple projects simultaneously Effective communication skills for collaborating closely with development teams Preferred Qualifications/ Skills Proven track record in executing high-risk ethical hacks on both internal and external applications globally Experience integrating MITRE ATT&CK framework TTPs into red team exercises for emulating advanced threat actors Proficiency in creating scripts or frameworks designed for complex undetectable attacks Ability to coordinate operational briefings alongside presentations tailored for nontechnical audiences including executive management Support during security incidents by identifying root causes while recommending detection measures alongside prevention measures Perform research on emerging technologies while designing frameworks suited for red team exercises involving new technologies Must be flexible with work timings. Why join Genpact Be a transformation leader - Work at the cutting edge of AI, automation, and digital innovation Make an impact - Drive change for global enterprises and solve business challenges that matter Accelerate your career - Get hands-on experience, mentorship, and continuous learning opportunities Work with the best - Join 140,000+ bold thinkers and problem-solvers who push boundaries every day Thrive in a values-driven culture - Our courage, curiosity, and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress Come join the tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up. Let&rsquos build tomorrow together. Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color , religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity, customer focus, and innovation. Furthermore, please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a %27starter kit,%27 paying to apply, or purchasing equipment or training.

You will be reporting to the Senior Manager VAPT as part of this role. A university degree in computer science or IT is required for this position. With over 8 years of experience in Information Security, including at least 5 years of experience in Penetration Testing, Red Teaming, and/or vulnerability assessment, you will play a crucial role in evaluating the control environment through Ethical Hacking. Your responsibilities will include hands-on experience in black-box and grey-box penetration testing on platforms like .Net and Java, as well as mobile testing of Android and iOS. Having a high-level understanding of Security Architecture and Infrastructure is essential, along with familiarity with best practices from organizations such as OWASP, SANS Institute, ISACA, GAO, FISCAM, NSA, NIST, and Internet Engineering Task Force (IETF). You will be expected to develop a framework for testing the compliance of applications and systems, as well as possess experience in project management. This position falls within the Information Technology industry. Your main responsibilities will involve conducting internal and third-party Ethical Hacking, Vulnerability Assessment, Penetration Testing, and Red Team assessments on business-critical assets and processes. You will need to liaise with external ethical hacking and penetration testing teams for RBI projects, and coordinate with the security intelligence framework to stay updated on the latest threats and vulnerabilities. Preparing security effectiveness reports for management, testing applications/systems for compliance to RBI/ReBIT Information Security practices, and ensuring new applications are inducted into the Data center after conducting pen testing/vulnerability assessment are key tasks. You will be responsible for prioritizing security vulnerabilities, updating the Security operations team for mitigation, and deciding on the most relevant metrics and algorithms for measuring security effectiveness. Certifications required for this role include any two of the following: CISSP, CEH, OSCP, OSCE, or GPEN.,