20 Red Teaming Jobs

The primary responsibility in the role of L3-Information Security involves managing organizational practices related to Vulnerability Assessment, Infrastructure Penetration Testing (Cloud/Traditional DC), Configuration Review, and Red Teaming. As a part of the role, you will be expected to lead the team in delivering Vulnerability Management operations efficiently. Your duties will include conducting penetration testing based on scheduled activities and responding to on-demand requests for Infrastructure Vulnerability Assessment. You will also be responsible for performing Vulnerability Assessment and Penetration Testing on Cloud Environments such as AWS, GCP, and Azure. Additionally, conducting configuration reviews based on the calendar activities and responding to on-demand requests for server, database, and network components will be a part of your responsibilities. As part of this role, you will need to identify critical vulnerabilities and propose workarounds. You will be required to explain vulnerabilities to system owners, provide recommendations for mitigation, monitor the progress of vulnerability mitigations, and keep track of remediation efforts. Providing advisory support to the internal IT team for closing identified vulnerabilities during security testing will also be expected. To excel in this position, you should stay updated on the latest trends in tools and technologies used for application security. Developing Proof of Concepts (POCs) to demonstrate security issues will also be a key aspect of this role. In terms of qualifications, a B.Tech, B.E, MCA, or equivalent degree from a recognized university is required. Candidates should have a minimum of 8 years of experience in a similar role. Preferred certifications include OSCP and EC-Council LPT, while hands-on experience with popular security tools like Nessus, Metasploit, and KALI Linux is essential. Additionally, working knowledge of CIS Security benchmarks and practical experience in auditing various operating systems, databases, networks, and security technologies will be beneficial for this position.,

Malware & Threat Intelligence Research – Offensive Security Researcher https://zrec.in/5789h?source=CareerSite

The Senior Cyber Security Engineer / Cyber Security Engineer position in Bangalore requires 3 to 6 years of experience in the security domain. As a part of your role, you will be responsible for performing Application, API, and Microservices Pentest, Network Pentest (Internal and External), Mobile App Pentest, Mobile Assessments, Threat Modeling, Legal Reviews, Reporting, Proof of Concepts (PoCs) of vulnerabilities, Documentation, coordinating with various stakeholders, conducting R&Ds, and other security analysis. The mandatory requirements for this role include at least 3 years of relevant experience in the security domain, proven expertise in Web Application Penetration testing (Web, Mobile, API/Web Services on JAVA & .Net) through DAST Manual approach, hands-on experience in DAST tools, API (SOAPUI, PostMan), DAST Manual Assessments, Threat Modeling, and Penetration Testing. You should also possess good Network Pentest skills for external and internal networks, and excellent written and verbal communication skills. Preferred skillsets for this position include hands-on experience of DevSecOps, good knowledge of Java, .NET, SQL queries (Oracle, PostgreSQL, etc.), experience in automating security tasks using Python or Java Frameworks, System/Network Exploitation, Red Teaming, understanding of Security Frameworks, and hands-on experience with MS Tools. If you meet the above requirements and have the necessary skillsets, you will be a valuable addition to our team as a Senior Cyber Security Engineer / Cyber Security Engineer.,

Key Responsibilities 1. To participate in functional as well as technical discussions with the client /team to understand functional /design specifications, highlight performance concerns, inconsistencies, ensure the appropriate test environments and infrastructures are in place/kept upto date. 2. To Identify opportunities for process improvement in testing methodologies /tools and Implement best practices to enhance the efficiency and effectiveness of the testing process. 3. To oversee the creation and execution of automated test scripts ensuring consistency and alignment with quality standards to minimize exposure. 4. To develop/guide and mentor QA engineers in the use of the testing framework , enhancing their technical capabilities and increasing productivity. Additional requirement: Penetration testing Web Application PT, Network Infrastructure PT, Active Directory PT, Red Team Activities "Web Application PT Must have Mobile PT Good to have Cloud Must (knowledge + understanding of Azure and AWS)Red Team Activities Must Active Directory PT MustNetworkInfrastructure PT Must have (protocols, Windows, Linux)Firewall testingauditing MustCitrix Pen testing Good to haveNetworking equipment Must (routers, switchers, load balancers, how to attack them + common weaknesses)Agile Process & Communication Good to have (it is essential that the candidate has good communicationinterpersonal skills)Certifications Completed or Optional OSCP, CPSA, CRT, CRTP, CEH (All good to have but not essential. I prefer practical knowledge than certifications)"

The Application Security Expert - Red Team / Ethical Hacker is a critical role responsible for proactively identifying and exploiting security vulnerabilities in software applications throughout the Software Development Life Cycle (SDLC). As a key member of the in-house Red Team, your focus will be on simulating real-world attacks, conducting advanced penetration testing, and providing actionable intelligence to strengthen the overall security posture. Your responsibilities will include planning and executing realistic attack simulations against web, mobile, and desktop applications, developing custom exploits, tools, and techniques to mimic advanced threat actors, and conducting social engineering campaigns to assess employee awareness. You will also be responsible for in-depth penetration testing of applications, networks, and systems, identifying and exploiting complex vulnerabilities, and developing detailed penetration test reports with actionable recommendations. In addition, you will conduct code reviews from an offensive perspective, provide guidance on secure coding practices, and develop secure coding guidelines. Staying up-to-date on the latest security threats, vulnerabilities, and exploit techniques will be crucial, as you will be conducting vulnerability research, developing custom exploits and tools, and integrating security testing into the SDLC. You will also collaborate with development teams, participate in design reviews, and promote a security-conscious culture within the organization. Validating and verifying the effectiveness of vulnerability remediation efforts, retesting remediated vulnerabilities, evaluating and customizing offensive security tools, and automating red teaming and penetration testing processes will also be part of your role. Your technical skills should include expert proficiency in programming languages, a strong understanding of web application vulnerabilities, experience with penetration testing tools and frameworks, cloud security principles, authentication and authorization mechanisms, and network protocols. The ideal candidate will have a Bachelor's or Master's degree in Computer Science, Information Security, or a related field, along with at least 8 years of experience in application security, penetration testing, or red teaming. Certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Expert (OSCE), and Offensive Security Web Expert (OSWE) are highly preferred.,

Key Responsibilities 1. To participate in functional as well as technical discussions with the client /team to understand functional /design specifications ,highlight performance concerns, inconsistencies ,ensure the appropriate test environments and infrastructures are in place/kept upto date. 2. To Identify opportunities for process improvement in testing methodologies /tools and Implement best practices to enhance the efficiency and effectiveness of the testing process. 3. To oversee the creation and execution of automated test scripts ensuring consistency and alignment with quality standards to minimize exposure. 4. To develop/guide and mentor QA engineers in the use of the testing framework , enhancing their technical capabilities and increasing productivity. Technical Skil Must Have: 1- Penetration Testing 2-Active Directory Penetration Testing 3-Networking Penetration Testing 4-Red Team Activities 5- Web Application PT Minimum 6 years of experience

Job Description: Information Security Auditor Location- Andheri or any client Position: Senior Associate Information Security Employment Type: Full-time Key Responsibilities: Conduct vulnerability assessments and penetration tests on web applications, networks, infrastructure, and mobile applications to identify security weaknesses. Perform detailed risk analysis and provide actionable remediation steps based on findings. Engage in manual and automated testing using industry-standard tools (e.g., Burp Suite, Nessus, Metasploit, Nmap, Kali Linux, etc.). Document and communicate the results of assessments clearly, including the severity of the vulnerabilities, recommended mitigations, and overall security posture. Stay up-to-date with the latest security threats, vulnerabilities, and tools, ensuring testing methodologies remain current. Conduct risk assessments and security audits to ensure compliance with industry standards (e.g., OWASP Top 10, NIST, CIS). Perform threat modeling to identify potential attack vectors in system architectures and designs. Perform advanced exploitation techniques (buffer overflows, reverse engineering, etc.). Cloud security and penetration testing methodologies for platforms like AWS, Azure, and GCP. Secure hardening configuration review of infrastructure systems and Cloud environment Assist in preparing security reports for clients and senior management. Skills & Qualifications: Experience: 3-5 years of hands-on experience in penetration testing, vulnerability assessments,security auditing, source code review, red teaming etc. Technical Expertise: Strong knowledge of common web application vulnerabilities (e.g., SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), etc.). Proficiency with penetration testing tools like Burp Suite, OWASP ZAP, Nessus, Nmap, Metasploit, etc. Experience with vulnerability management systems and reporting tools. Familiarity with both manual and automated testing techniques. Strong knowledge of operating systems (Linux, Windows) and networking protocols. Certifications (Preferred): Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH) Any additional certifications in cybersecurity or penetration testing. How to Apply: Interested candidates are invited to submit their resume and cover letter to [Pallavi.kulkarni@anbglobal.com]. Please include "VAPT" in the subject line. Equal Opportunity Employer: ANB is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. For more information about our company and culture, visit https://anbglobal.com/

Position - Ethical Hacker (Penetration Tester / Cybersecurity Analyst) Location: Gurgaon (onsite) Job Type: Full-Time Department: Cybersecurity / Information Security Job Summary We are seeking a skilled and motivated Ethical Hacker to join our cybersecurity team. As an Ethical Hacker, you will be responsible for identifying security vulnerabilities in systems, networks, and applications by simulating cyberattacks in a controlled and lawful manner. Your insights and recommendations will play a key role in strengthening our organizations security posture. Key Responsibilities: Conduct penetration testing on web applications, networks, systems, APIs, and mobile platforms. Identify and document security vulnerabilities, exploits, and misconfigurations. Use a variety of tools and techniques (manual and automated) to simulate real-world cyberattacks. Provide detailed reports and presentations to technical and non-technical stakeholders. Recommend and verify remediation strategies for identified vulnerabilities. Collaborate with developers, IT teams, and other stakeholders to improve security defenses. Stay current on cybersecurity trends, zero-day exploits, and new ethical hacking methodologies. Assist in compliance audits (e.g., ISO 27001, PCI-DSS, SOC 2). Participate in red teaming, blue teaming, and purple teaming exercises if applicable. Required Skills & Qualifications: Proven experience in penetration testing, vulnerability assessment, or related cybersecurity roles. Proficiency in tools such as Metasploit, Burp Suite, Nmap, Nessus, Wireshark, and others. Strong understanding of operating systems (Windows, Linux), networking, and web technologies. Familiarity with programming/scripting languages like Python, Bash, JavaScript, or PowerShell. Deep knowledge of OWASP Top 10, CVE, CVSS, and secure coding practices. Preferred Certifications CEH (Certified Ethical Hacker) OSCP (Offensive Security Certified Professional)

Role: L3-Information Security Job Description: Primary Responsibility would be to manage the organizational practices for the following: Vulnerability Assessment Infrastructure(Cloud/Traditional DC) Penetration Testing Configuration Review Red Teaming Should be able to lead the team for delivery of Vulnerability Management operations. Conduct penetration testing as per the calendar activities and on demand request for Infrastructure Vulnerability Assessment. Conduct Vulnerability Assessment and Penetration Testing on Cloud Environment (AWS, GCP, Azure). Conduct configuration review as per the calendar activities and on demand request for server, database, network components. Identify and propose work around for critical vulnerabilities. Explain vulnerabilities to System owners and provide recommendations for mitigation Monitor progress of vulnerability mitigations and maintain track of remediation Provide advisory support to internal IT team for closure of identified vulnerability during the security testing Coordinate fixing of identified and accepted vulnerabilities with Airtel Payments Bank and Security Vendors. Stay abreast of newer trends in tools and technologies used for application security Develop POCs to demonstrate security issues Qualification: B.Tech, B.E, MCA or equivalent from a Recognized university At least 8 years of experience in similar role Certifications Preferred: OSCP, EC-council LPT. Hands on experience with popular security tools – Nessus, Metasploit, KALI Linux. Working knowledge of CIS Security benchmarks Has practical experience in auditing various OS , DB , Network and Security technologies

The role at KPMG in India involves providing professional services as a member of the affiliated Indian entities with KPMG International Limited. Since its establishment in August 1993, KPMG has been dedicated to leveraging a global network of firms and maintaining a deep understanding of local laws, regulations, markets, and competition. With offices across various cities in India, including Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara, and Vijayawada, the professionals at KPMG cater to national and international clients across different sectors. The responsibilities associated with this position include conducting cyber security assessments, Red Teaming, designing security architecture, performing infrastructure and application security assessments, carrying out vulnerability assessment and penetration testing, reviewing security of traditional IT and non-IT network environments such as Telecom and OT networks, addressing ICS Security, IOT Security, and API Security Testing. As an equal opportunity employer, KPMG in India is committed to providing a diverse and inclusive work environment.,

Position 1: Web and Network PT Consultant Proposed designation Consultant Role type Individual contributor Reporting to Work timings 12 PM to 9 PM Roles & responsibilities • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications • Plan and execute network penetration testing and Red teaming assessments to simulate real-world attack scenarios. • Perform manual network and application penetration tests on internal network, Active Directory environment, web applications. • Perform social engineering assessment to assess the security awareness and physical security controls of the organization. • Ability to independently research for new vulnerabilities in systems and software and modify and customize tools, known exploits, POCs and scripts to meet operational requirement. • Research and stay up-to-date with the latest attack techniques, tools, and emerging threats. • Present technical reports to clients, explaining the outcomes of the testing and providing detailed insights and recommendations. • Collaborate effectively with cross-functional teams, including developers, IT operations, and business stakeholders to integrate security best practices seamlessly into project workflows. • Provide mentorship and guidance to junior security staff and foster a culture of proactive security awareness within the organization. This role is for you if you have the below • We are seeking an experienced and highly skilled Consultant with over 5+ years of working experience in the field of cybersecurity, including network penetration testing, vulnerability assessment, Active directory testing, phishing assessment and web application penetration testing. The ideal candidate will possess a strong working knowledge of Network protocols, performing OSINT to identify publicly available information and testing and exploiting Microsoft services like Windows Servers, Active directory, Certificate Services. Mandatory technical & functional skills JOB DESCRIPTIONS 2 • Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications • 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. • Strong understanding of Network protocols, web applications, cryptography, various operating systems and security technologies. • Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. • Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred. Other information Interview process: Please expect 2-3 rounds of interview Does the job role involve travelling: No Does the busy season apply to this role: Seasonality of the work is dependent on the projects/ deliverable timelines Working location: Bangalore/Pune/Gurugram

Required Skills & Experience: 4+ years of experience in penetration testing, red teaming or offensive security. 1+ years working with AI/ML or LLM-based systems. Deep familiarity with LLM architectures (e.g., GPT, Claude, Mistral, LLaMA) and pipelines (e.g., LangChain, Haystack, RAG-as-a-Service). Strong understanding of embedding models, vector databases (Pinecone, Weaviate, FAISS), and API-based model deployments. Experience with adversarial ML, secure inference, and data integrity in training pipelines. Experience with red team infrastructure and tooling such as Cobalt Strike, Mythic, Sliver, Covenant, and custom payload development. Proficient in scripting languages such as Python, PowerShell, Bash or Go.

We're Hiring! I am excited to share some amazing career opportunities at Happiest Minds. Take your Security career to the next level with Happiest Minds, ! Join a dynamic team, where Security Meets Innovation, and grow with us. Be recognized in a Great Place to Work Certified environment Interested professionals can directly reach out to me ankita.patari@happiestminds.com or can apply in below post Preferred candidate profile : Breach & Attack Simulation, Cloud Security Assessment & Red Teaming Location : Bangalore Immediate joiner to 15 days only Role & responsibilities Penetration Testing, Manual Penetration Testing using OWASP checklists,OWASP Top 10,OWASP ZAP,Static/dynamic testing of mobile applications,Vulnerability Assessment,Cyber Resilience,Cyber Security Assessment & Consulting, Cybersecurity Thanks and regards, Ankita

As part of our offensive security team, youll work with cutting-edge tools, innovative techniques, and an experienced team to challenge the status quo and strengthen the digital landscape. Key Responsibilities - Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Work closely with Blue Teams in Purple Team exercises to enhance detection and response capabilities. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Required Skills & Experience - Deep understanding and extensive experience in penetration testing methodologies and tools. Strong technical knowledge of various technologies and the ability to quickly learn and adapt to new ones. A passion for learning new technologies and breaking them apart is essential. Expertise in Active Directory attacks and defenses. Proficiency with tools such as Metasploit, Cobalt Strike, BloodHound, and similar offensive security frameworks. Knowledge of hacking methods and frameworks like MITRE ATT&CK. Strong scripting skills (Python, PowerShell, Bash) and experience in manual exploitation techniques. Certifications such as OSCP, OSEP, CRTO, or equivalent are highly valued. What We Offer Competitive salary and benefits package. Exciting projects that challenge your skills and creativity. A collaborative environment where you’ll learn and grow alongside top talent. Access to cutting-edge tools and resources to stay ahead in the cybersecurity field. Opportunities to shape the future of offensive security and contribute to meaningful projects. Location Onsite/Workfrom Office. In special case Remote Why Join SecureLayer7? At SecureLayer7, you’re not just an employee—you’re part of a team that thrives on solving tough challenges, exploring the unknown, and making an impact. If you’re excited about breaking systems to make them stronger and securing the future of technology, we’d love to have you onboard.

Following are the details: ANZEN Technologies Private Limited stands as an unparalleled powerhouse, empowering organizations across industries with our visionary services, cutting-edge solutions, and ground-breaking services in the realm of Cyber Security, IT Governance, Risk Management, and Compliance. As your trusted partner, we offer a comprehensive suite of End-to-End security services and consultancy, tailored to safeguard critical infrastructure installations, elevate the standards of BFSI, eCommerce, IT/ITES, Pharmaceuticals, and an array of other sectors. Job Summary: We are seeking a skilled and passionate Red Team Security Consultant to join our cybersecurity team. The ideal candidate will specialize in simulating adversarial tactics, techniques, and procedures (TTPs) to identify vulnerabilities and improve the organization's security posture. This role involves performing advanced penetration tests, simulating real-world attacks, and working with teams to implement effective remediation strategies. Key Responsibilities: Plan, execute, and document Red Team exercises mimicking advanced threat actors for medium to large enterprises. Conduct network penetration testing (VAPT), system vulnerability assessments, and security configuration reviews. Perform manual security assessments for web applications, APIs, and client-server applications. Simulate sophisticated attack chains including lateral movement, privilege escalation, and data exfiltration. Develop and execute custom attack payloads using tools and scripts. Assess physical security controls and implement social engineering assessments when required. Create and maintain custom tools/scripts in languages like Python, Bash, or PowerShell. Utilize and adapt adversary emulation frameworks such as MITRE ATT&CK, Cobalt Strike, and Metasploit. Collaborate with Blue Teams to improve detection and response mechanisms through Purple Team engagements. Execute full-scope Red Team engagements, including phishing, social engineering, and network penetration. Simulate advanced hacking techniques and replicate adversary tactics to uncover security weaknesses. Develop, extend, or modify exploits, shellcode, or tools to simulate sophisticated attacks. Perform reverse engineering of malware (advantageous but not mandatory). Write clear and actionable reports outlining vulnerabilities, exploitation techniques, and remediation strategies. Stay updated on the latest cyber threats, attack methods, and emerging technologies. Qualification: BE/B. Tech/ MCA/ M. Sc. (IT/Computers) Skills : Excellent communication and collaboration skills. Red Teaming, VAPT, Application Security (Web/Mobile/API), Red Teaming and Application Security domains. Proficient in Application Security concepts, including OWASP Top 10 and OSSTMM. Experience with vulnerability scanning tools such as Burp Suite Pro, Nessus, OWASP ZAP, Kali Linux, Cobalt Strike, Caldera etc. Basic ability to write automation scripts (Bash or Python). Understanding of threat modelling and secure coding practices. Strong understanding of TTPs, threat modelling, and secure coding practices. Hands-on experience in Active Directory exploitation, phishing campaigns, and endpoint bypass techniques. Preferred Certificates : OSCP, CRTP, eWPTX, Security+, CREST, CRTO Job Location : Mumbai/Navi Mumbai Job Mode : Work from Office Need an immediate Joiner who may join by 15th June, 2025

Department: Information Technology Location: Ahmedabad, Gujarat Experience: 10+ Years Education: Bachelors/Masters degree in Computer Science, Cybersecurity, or a related field Certifications Preferred: OSCP, OSCE, OSEP, CRTP, CRTE, GPEN, GXPN, or equivalent Job Summary: We are seeking a highly experienced and skilled Red Team Specialist to join our cybersecurity team. The ideal candidate will lead advanced adversary simulations and penetration testing efforts to evaluate and strengthen the organization’s security posture. This role involves simulating real-world attack scenarios, identifying vulnerabilities, collaborating with Blue Teams, and recommending remediation strategies to enhance threat detection and response capabilities. Key Responsibilities: Adversary Simulation & Attack Execution Conduct full-scale Red Team assessments, emulating advanced persistent threat (APT) tactics, techniques, and procedures (TTPs). Simulate real-world attacks using frameworks and tools like MITRE ATT&CK, Cobalt Strike, Empire, Metasploit, and BloodHound. Exploit vulnerabilities across network infrastructure, cloud platforms, and web applications. Perform lateral movement, privilege escalation, and data exfiltration while evading detection mechanisms. Penetration Testing & Exploitation Perform internal and external penetration testing across enterprise systems. Identify and exploit misconfigurations and security gaps. Assess Active Directory security, including Kerberoasting, NTLM relay, and credential dumping. Develop custom payloads, exploits, and offensive methodologies. Evasion & Anti-Detection Techniques Employ techniques to bypass endpoint detection systems (EDR/XDR), SIEM tools, and behavioral analytics. Test the resilience of Blue Team monitoring capabilities. Implement obfuscation strategies and evasion tactics. Red Team & Blue Team Collaboration Participate in Purple Team exercises to enhance incident detection and response. Collaborate with SOC and threat intelligence teams to refine adversary emulation and response strategies. Contribute to improving incident response playbooks. Reporting & Documentation Document attack chains, vulnerabilities, and testing outcomes in detailed reports. Present technical findings and remediation recommendations to stakeholders. Create post-engagement reports, including MITRE ATT&CK mapping and kill chain analysis. Key Skills & Competencies: Proficient with offensive security tools: Cobalt Strike, Metasploit, Mimikatz, Empire, Covenant Deep understanding of frameworks: MITRE ATT&CK, Cyber Kill Chain, TIBER-EU Advanced expertise in Active Directory attacks , Kerberos exploitation , and lateral movement Strong scripting and automation skills: Python, PowerShell, Bash, C# Hands-on experience with cloud environments (Azure, AWS, GCP) and cloud exploitation Skilled in EDR/XDR evasion and SIEM bypass techniques Proven experience with Red Team / Blue Team collaboration and adversary emulation Analytical mindset with excellent problem-solving and documentation skills

Job Statement: NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface management (ASM), breach and attack simulation (BAS), and advisory services fortify your cybersecurity across both offense and defense. AI-driven intelligence in our Nopal360 platform, our NopalGo mobile app, and our proprietary Cyber Intelligence Quotient (CIQ) lets anyone quantify, track, and visualize their cybersecurity posture in real-time. Our service packages, which are each tailored to a clients needs and budget, and external threat analysis, which provides critical intelligence at no-cost, help to democratize cybersecurity by making enterprise-grade defenses and security operations available to organizations of all sizes. NopalCyber lowers the barrier to entry while raising the bar for security and service. We are looking for a proven, high energy, results oriented GRC professional, where you will be a key advisor for our clients, analyzing business requirements to design and implement ideal security solutions for their needs. As an established GRC Professional, you will span operational, tactical, and strategic levels as well as tasks that tackle difficult problems that businesses are facing when building out and improving their security and compliance posture For attending the walk-in, please fill the form https://forms.gle/wLS8HtPyFZQKA4jf8 (Copy and paste in a browser) 1. SOC L3 Experience: 6+ years Skills: SIEM, IDS/IPS, EDR tools, log/packet analysis, TCP/IP, Linux/Windows, threat intelligence Tools: Splunk, QRadar, Crowdstrike, NetWitness Certifications (preferred): CISSP, CEH, CISM, GCIH 2. Offensive Security Specialist / Penetration Tester-L3 Experience: 6+ Skills: Web/API/Mobile Pentesting, Threat Modeling, Code Review, DAST, Cloud & Microservices security Tools: Burp Suite, Metasploit, Cobalt Strike, Nmap Languages: Python, Go, Java, JavaScript, C++ Certifications (preferred): OSCP, OSCE, OSWE, GPEN, CEH 3. GRC Security Consultant-L3 Experience: 8+ years Skills: Risk assessments, audits, ISO/NIST/PCI/GDPR frameworks, GRC tools, TPRM, vendor/client management Certifications: ISO 27001 LA/LI, CISSP, CISA, CIPP, CCSP, CCSK Note: Immediate to 30 days' notice preferred.

Web and Network PT Consultant Roles & responsibilities Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Plan and execute network penetration testing and Red teaming assessments to simulate real-world attack scenarios. Perform manual network and application penetration tests on internal network, Active Directory environment, web applications. Perform social engineering assessment to assess the security awareness and physical security controls of the organization. Ability to independently research for new vulnerabilities in systems and software and modify and customize tools, known exploits, POCs and scripts to meet operational requirement. Research and stay up-to-date with the latest attack techniques, tools, and emerging threats. Present technical reports to clients, explaining the outcomes of the testing and providing detailed insights and recommendations. Collaborate effectively with cross-functional teams, including developers, IT operations, and business stakeholders to integrate security best practices seamlessly into project workflows. Provide mentorship and guidance to junior security staff and foster a culture of proactive security awareness within the organization. This role is for you if you have the below We are seeking an experienced and highly skilled Consultant with over 5+ years of working experience in the field of cybersecurity, including network penetration testing, vulnerability assessment, Active directory testing, phishing assessment and web application penetration testing. The ideal candidate will possess a strong working knowledge of Network protocols, performing OSINT to identify publicly available information and testing and exploiting Microsoft services like Windows Servers, Active directory, Certificate Services. Mandatory technical & functional skills Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs,internal and external networks, and mobile applications 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. Strong understanding of Network protocols, web applications, cryptography various operating systems and security technologies. Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. • Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO OSWA, are strongly preferred.

Job location - Only Bangalore Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications 5+ years of professional experience in cybersecurity, with a focus on Network penetration testing and Red teaming. Strong understanding of Network protocols, web applications, cryptography, various operating systems and security technologies. Strong understanding of exploitation of Microsoft platform used in enterprise environment such as windows Servers, Active Directory Certificate Service, Azure, etc. Experience in one or more of the following a plus: Web application penetration testing, mobile application penetration testing application architecture and business logic analysis. Relevant certifications, such as GWAPT, OSCP, OSEP, CRTP, CRTO, OSWA, are strongly preferred.

Job Description Do you want to lead teams that find and exploit security vulnerabilities in Fortune 100 companies, critical infrastructure, and public sector agencies impacting millions of users? Join Securins Offensive Security Team where you'll emulate real-world attacks and oversee advanced offensive operations. We are a cross-disciplinary group of red teamers, adversarial AI researchers, and software developers dedicated to finding and fixing vulnerabilities across critical digital ecosystems. Role & responsibilities - Lead and perform advanced offensive security assessments, including Red Team operations, threat-based evaluations, and vulnerability exploitation. - Supervise and mentor a team of offensive engineers, manage task prioritization, and ensure high-quality delivery. - Execute Red Team operations on production systems, including AI platforms, using real-world adversarial tactics. - Provide strategic and technical security guidance to internal and external stakeholders. - Collaborate cross-functionally to integrate findings into enterprise detection and defense strategies. - Research and develop adversary TTPs across the full attack lifecycle. - Build tools to automate and scale offensive emulation and vulnerability discovery, utilizing AI/ML systems. - Continuously evaluate and enhance assessment methodologies and frameworks used by the team. - Contribute to the security community through publications, presentations, bug bounties, and open-source projects. Required Qualifications - 5+ years of experience in offensive security, red teaming, or penetration testing with at least 1 year in a leadership role. - Bachelors or Masters degree in Computer Science, Computer Engineering, or relevant field; or equivalent experience. - Expert knowledge of offensive security tactics, threat modeling, APT emulation, and Red Team operations. - Strong understanding of MITRE ATT&CK framework and exploitation of common vulnerabilities. - Proficiency in one or more programming/scripting languages (Python, Go, PowerShell, C/C++, etc.). - Hands-on experience with penetration testing tools such as Metasploit, Burp Suite Pro, NMAP, Nessus, etc. - Familiarity with security in cloud environments (AWS, Azure, GCP) and across Windows/Linux/macOS platforms. - Ability to clearly articulate findings to technical and executive audiences and lead mitigation efforts. - Authorization to work in the country of employment at time of hire and ongoing during employment. Preferred Qualifications - Certifications like OSCP, OSCE, OSEP, CRTO, or equivalent. - Experience with Purple Team operations and threat intelligence integration. - Track record in CTF competitions or bug bounty programs. - Reverse engineering experience or malware analysis expertise. - Exposure to Responsible AI and adversarial machine learning. - Participation in AI Village at DEFCON or similar security research events. - Publications or contributions to conferences such as AISec, NeurIPS, FAccT, or IC4. Other Requirements Ability to meet Securin, customer, and/or government security screening requirements. This includes a background check at the time of hire/transfer and every two years thereafter. Who Should Apply You have experience executing technical research and offensive security strategies with teams. You are skilled in experimental security science and confident in building your own tools. You clearly communicate findings, are mission-driven, and want to drive change in AI and cybersecurity. Role-Specific Policy This hybrid role requires in-office presence at least 50% of the time. Locations: Chennai, Tamil Nadu (India)