61 Sqlmap Jobs - Page 2

Dear Candidate, We are hiring a Compliance Engineer to ensure code and dependencies meet licensing and audit standards. Key Responsibilities: Track open-source usage and license compliance. Automate compliance scanning and reporting. Assist in security reviews and audits. Required Skills & Qualifications: Familiarity with tools like FOSSA, Black Duck. Knowledge of OSS licenses (MIT, GPL, Apache). Experience with code scanning and SBOMs. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Kandi Srinivasa Delivery Manager Integra Technologies

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments. Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits). Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK. Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques. Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities. Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture. Actively participating in client discussions, executive briefings, and technical workshops. Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps. Maintaining robust documentation of testing methodologies, custom tools, and process improvements. Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards. Training and Development Stay updated on the latest security trends, vulnerabilities, and technology advancements. Provide training and guidance to the team and other departments on security best practices. Strategy and Planning Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness. Participate in the development of security policies and standards. Technical Expertise Deep hands-on experience in: Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API) Internal/external network penetration, privilege escalation, and lateral movement Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.) Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing Working knowledge of Kali Linux and frameworks like MITRE ATT&CK Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems Proficiency with tools such as: Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools Vulnerability Scanners: Nessus, Qualys, Nexpose Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go Soft Skills Excellent written and verbal communication skills Strong analytical and problem-solving capabilities Ability to explain technical concepts clearly to non-technical stakeholders You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 6–7 years of proven experience in penetration testing and offensive security Certifications (Preferred): Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE Other Considered: EWPTXv2 or equivalent advanced offensive security certifications We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers

```html Company Description DragonFlyTest is a leading provider of independent software quality assurance and testing services to clients worldwide. We offer a comprehensive range of high-quality and efficient testing solutions to assist our customers in building quality products. With a team of over 70 skilled professionals, we deliver mission-critical testing solutions tailored to clients' business needs through our offices in the USA, UK, and India. DragonFlyTest is both ISO 9001:2015 and ISO/IEC 27001:2022 certified. Our tailored testing solutions improve operational efficiency, reduce time to market, increase credibility, and enhance customer retention. Location: Hyderabad Job Type: Full-Time Experience Level: 0-3 Years Department: Information Security / QA / Cybersecurity Role Description Plan and execute security testing (manual and automated) for web, mobile, API, and network components. Conduct Vulnerability Assessment and Penetration Testing (VAPT) using tools like Burp Suite Pro, OWASP ZAP, SQLMap, and Nmap. Perform API security testing including fuzzing, authentication/authorization checks, rate limiting, and schema validation. Execute Mobile Application Security Testing (Android/iOS) using tools like MobSF, Frida, or Drozer. Utilize Kali Linux tools and scripts for reconnaissance, exploitation, and reporting. Identify, document, and report security vulnerabilities with detailed risk analysis and remediation suggestions. Collaborate with developers, DevOps, and QA teams to fix and verify security vulnerabilities. Participate in threat modeling , risk assessments, and security reviews for new features or applications. Stay updated with latest security trends, exploits, and mitigation techniques. Email Your Profiles to info@dragonflytest.com ```

Job Title : VAPT Specialist Experience : 3+ Years Location : Mumbai / Thane Notice Period : Immediate Joiners Preferred Work Mode : Onsite Key Skills VAPT, CEH Certification, Penetration Testing, Metasploit, Kali Linux, Burp Suite, Web & Mobile App Security, Network Security, Bash/PowerShell, Linux Job Description We are looking for an experienced VAPT Specialist to join our cybersecurity team. The ideal candidate will be responsible for identifying vulnerabilities across web, mobile, and network environments, and helping mitigate security risks through thorough testing, reporting, and collaboration. Roles & Responsibilities Perform Web Application Vulnerability Assessment & Penetration Testing to uncover application-layer security issues. Conduct Mobile App VAPT on both Android and iOS platforms using tools like MObSF, Androbugs, etc. Execute Network Penetration Testing to assess internal and external infrastructure risks. Reverse engineer malware, identify obfuscation techniques, and analyze cryptographic implementations. Use industry-standard tools including Metasploit, Burp Suite, Kali Linux, SQLMap, Nessus, w3af, Skipfish, and others. Work with Linux/UNIX environments, using Bash and PowerShell scripting to automate tasks and streamline testing workflows. Document findings, write detailed security reports, and support internal teams with remediation steps. Continuously stay updated with evolving threats, vulnerabilities, and tools. Requirements 3-4 years of hands-on experience in VAPT across web, mobile, and networks. Proven expertise in Web and Mobile Application Security Testing. Strong experience with Network Security Assessment and Penetration Testing. Familiarity with malware reverse engineering and cryptographic vulnerability analysis. Proficient with a wide range of VAPT tools and frameworks. Solid understanding of Linux environments and scripting (Bash, PowerShell). CEH certification is mandatory (additional certifications like OSCP are a plus). Excellent analytical and problem-solving skills. Strong verbal and written communication to collaborate with technical and non-technical stakeholders. (ref:hirist.tech)

Hello Visionary! We empower our people to stay resilient and relevant in a constantly changing world. We’re looking for people who are always searching for creative ways to grow and learn. People who want to make a real impact, now and in the future. Does that sound like you? Then it seems like you’d make a great addition to our vibrant team. We are looking for a Penetration Tester. This position is available for Chennai Location. You’ll make a difference by: Having experience in Leading and performing complex penetration testing engagements across enterprise networks, cloud infrastructures, web, mobile, APIs, thick clients, and IoT environments. Having understanding to Simulate sophisticated real-world attacks (e.g., APT scenarios, lateral movement, chained exploits). Conducting Red Team exercises and adversary emulation based on frameworks like MITRE ATT&CK. Identifying and exploiting vulnerabilities using both automated tools and advanced manual techniques. Reviewing, enhancing, and developing custom scripts, tools, and exploits to support internal testing capabilities. Providing expert-level guidance to business units on security risks, remediation strategies, and secure architecture. Actively participating in client discussions, executive briefings, and technical workshops. Delivering detailed and executive-level reports, including risk ratings, business impact, PoCs, and mitigation steps. Maintaining robust documentation of testing methodologies, custom tools, and process improvements. Ensuring all engagements align with internal policies, industry frameworks (e.g., OWASP, NIST, ISO), and client-specific compliance standards. Training and Development Stay updated on the latest security trends, vulnerabilities, and technology advancements. Provide training and guidance to the team and other departments on security best practices. Strategy and Planning Plan and scope penetration testing engagements, ensuring comprehensive coverage and effectiveness. Participate in the development of security policies and standards. Technical Expertise Deep hands-on experience in: Web, API, Thick Client and mobile app security testing (e.g., OWASP Top 10 – Web, Mobile, API) Internal/external network penetration, privilege escalation, and lateral movement Active Directory assessments and exploitation (Kerb roasting, Pass-the-Hash etc.) Familiarity with ICS, SCADA, BACnet protocols, and covert communication channels Wireless, Bluetooth, IoT device, Embedded Security, Cloud (AWS/Azure/GCP), and container security testing Working knowledge of Kali Linux and frameworks like MITRE ATT&CK Basic understanding of AI/ML security: adversarial attacks, model poisoning, and secure deployment of AI systems Proficiency with tools such as: Offensive: Burp Suite Pro, Metasploit, SQLMap, Cobalt Strike, Impacket, CrackMapExec, BloodHound, Sliver Reconnaissance: Nmap, Amass, Shodan, OSINT frameworks/tools Vulnerability Scanners: Nessus, Qualys, Nexpose Programming/Scripting: Skilled in scripting and exploit development using Python, Bash, PowerShell, and occasionally C/C++ or Go Soft Skills Excellent written and verbal communication skills Strong analytical and problem-solving capabilities Ability to explain technical concepts clearly to non-technical stakeholders You’ll win us over by: Having An engineering degree B.E/B.Tech/M.E/M.Tech with good academic record. 6–7 years of proven experience in penetration testing and offensive security Certifications (Preferred): Highly Desirable: OSCP, OSWP, OSWE, GPEN, GWAPT, OSCE, OSEE, GXPN, CPTS, CWEE, CAPE Other Considered: EWPTXv2 or equivalent advanced offensive security certifications We’ll support you with: Hybrid working Opportunities. Diverse and inclusive culture. Great variety of learning & development opportunities. Join us and be yourself! We value your unique identity and perspective, recognizing that our strength comes from the diverse backgrounds, experiences, and thoughts of our team members. We are fully committed to providing equitable opportunities and building a workplace that reflects the diversity of society. We also support you in your personal and professional journey by providing resources to help you thrive. Come bring your authentic self and create a better tomorrow with us. Make your mark in our exciting world at Siemens. This role is based in Chennai and is an Individual contributor role. You might be required to visit other locations within India and outside. In return, you'll get the chance to work with teams impacting - and the shape of things to come. We're Siemens. A collection of over 319,000 minds building the future, one day at a time in over 200 countries. Find out more about Siemens careers at: www.siemens.com/careers

Why this job matters As an experienced Information Security Services provider, we will help lead a highly motivated team laser-focused on analysing, designing, developing and delivering solutions built to stop adversaries and strengthen your operations Our Competent individuals and Skilled leadership will provide you incident response, risk reviews and vulnerability assessments, identifying threats, all of which ladder up to driving secure solutions. What Ill be doing your accountabilities Accountable for delivering vulnerability assessments and penetration tests. Responsible for increasing individual technical skill whilst also delivering BAU. Accountable for increasing capability of the penetration testing team through web application, network & mobile skill acquisition. Accountable for support leadership in setting strategy for the team moving forward. Responsible for contributing to the positive research and technical capability of BT security. To support and maintain the BT Business Support Protect BT ISO27001 certificate for Offensive Security team The skills you need Pentest Skills Web application pen test (OWASP, NIST framework), Network pen test (Linux, windows), API & Mobile pen test. Networking Skills TCP/IP packet level understanding, Routing, Switching, firewall understanding. Linux Skills Linux directory structure & basic command line knowledge from pentest/vulnerability assessment standpoint. Vulnerability management- This requires understanding of vulnerability assessment framework (CVE/CVSS) and Security assessment tools (such as Nmap, Metasploit, Burp Suite, SQL map, Nessus) Regulatory Understanding- PCI DSS guidelines, GDPR. Leadership accountabilities Accountabilities of the job: Solution focused achiever: We need this person to focus on delivering exceptional penetration testing services Customer champion: we are transforming how we communicate with our customers and need responsible person with a customer-focused attitude. Change agent: We need a tester who sees our processes and immediately thinks of better ways to do what we are doing and then leads that change. Experience you would be expected to have Mandatory 2-4 Years experience in the field on pen testing. Mandatory Bachelors degree or higher preferred. CEH, OSCP, CREST, LPT certifications are highly preferred. Ability to understand packet level TCP/IP knowledge. Good scripting knowledge (e.g. Python) will be highly preferred. Capable of working successfully with end customers PREFERRED.

Your Role Were hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of toolsBurp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What you'll love about working here You can shape yourcareerwith us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work oncutting-edge projectsin tech and engineering with industry leaders or createsolutionsto overcome societal and environmental challenges.

Roles and Responsibilities: Perform Dynamic Application Security Testing (DAST) on web applications and APIs (manual and tool-based). Analyze DAST scan results, identify and prioritize vulnerabilities based on risk. Participate in triage meetings with application teams to explain and document findings. Lead deep API security testing (REST, SOAP, GraphQL), identifying flaws like BOLA, token leakage, replay attacks, etc. Conduct manual penetration testing using offensive tools and custom payloads. Craft custom exploit chains for vulnerabilities such as deserialization, command injection, and broken access controls. Maintain custom scripts, payloads, and test cases to simulate real-world attacker scenarios. Possibly perform Static Application Security Testing (SAST) and understand differences from DAST. Document testing procedures, findings, and remediation efforts. Communicate security findings to both technical and non-technical stakeholders. Collaborate with DevOps, developers, and security teams to address issues. Participate in process improvements and develop long-term testing strategies. Requirements: 5 to 7 years of hands-on experience in web application security testing. Strong knowledge in: Web & API penetration testing. DAST & SAST methodologies. API security concepts and testing. Proficiency in offensive security tools and Kali Linux tools (e.g., SQLMAP, Dirbuster). Experience in identifying and exploiting common vulnerabilities (SQL Injection, XSS, CSRF, etc.). Understanding of HTML, JavaScript . Bonus for experience with: Front-end tech: .NET, Java Back-end tech: Oracle Mobile or IoT app testing. Bug bounty programs. Familiarity with tools like: DAST: Burp Suite, NetSparker SAST: Checkmarx, Veracode, Fortify Clear written and verbal communication skills. Any relevant certifications (e.g., OSCP, OSWE, GWAPT, CREST) are a plus. Experience with Red Teaming/adversary emulation is a strong advantage.

Company Description Secuneus Technologies is an independent registered company in India specializing in core Cyber Security. We help businesses protect themselves against the latest cyber threats by providing end-to-end security consultancy solutions. Secuneus Technologies supports organizations with their cyber security compliance requirements, including ISO 27001. Our team consists of qualified and experienced cyber security specialists dedicated to delivering effective results at a fair price. Role Description This is a full-time on-site role located in Jalandhar for a Cyber Security Trainer / Instructor / Teacher. The role involves instructing and educating students and professionals on various aspects of cyber security, including application security, network security, information security, and malware analysis. The trainer will develop and deliver course materials, conduct hands-on training sessions, and assess participants' progress. Qualifications Knowledge and experience in Application Security and Cybersecurity Skills in Network Security and Information Security Excellent communication and teaching skills Ability to develop and deliver course materials effectively Experience in training or teaching in the field of cyber security Bachelor’s degree in Cyber Security, Information Technology, or related field Relevant certifications such as CompTIA, CEH, or equivalent are a plus Must have Knowledge : Metasploit-Framework, BurpSuite, SQLMap, OWASP Top 10, TryHackMe, VAPT, WLAN Security (WEP/WPA/WPA2), Cryptography, DVWA, Wireshark, Snort, Phishing, DOS/DDos etc

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world. Your Role We’re hiring a skilled VAPT Engineer to strengthen our cybersecurity team! If you have hands-on experience in Vulnerability Assessment & Penetration Testing , and a passion for securing digital infrastructure, apply now for Pan India locations . Experience in Cyber Security Penetration Testing (Manual PT, VAPT, DAST, SAST, MAST, API). Experience in Vulnerability Assessment and Penetration Testing of web applications, mobile applications, API networks, and thick client applications. Manual Penetration Testing skills and techniques, with hands-on experience in identifying false positives from automated tool results. Hands-on knowledge of tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, SQLmap, Checkmarx, etc. Strong knowledge of tools for mobile application security, including Appuse, MOBSF, Geny Motion, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify on Demand, etc Your Profile Vulnerability Assessment and Penetration Testing (VAPT) experience range 3 to 9 years Cyber Security Penetration Testing Manual Penetration Testing skills Knowledge of security tools Mobile application security tools What You'll Love About Working Here You can shape your career with us. We offer a range of career paths and internal opportunities within Capgemini group. You will also get personalized career guidance from our leaders. You will get comprehensive wellness benefits including health checks, telemedicine, insurance with top-ups, elder care, partner coverage or new parent support via flexible work. At Capgemini, you can work on cutting-edge projects in tech and engineering with industry leaders or create solutions to overcome societal and environmental challenges. Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

Roles And Responsibilities To perform Web and Mobile Application and API Penetration testing To perform Secure code review Client interaction Perform retest post confirmation on the fixes Followup with the relevant stakeholders on the remediation of open vulnerabilities Mandatory Skills Required For The Role Web, API and Mobile Penetration Testing Good understanding of OWASP methodology, ASVS and other checklists Good written and spoken communication skills Ability to do report walkthrough with relevant stakeholders Hands-on experience with Burp suite pro, SQLmap, Kali Linux tools Optional Skills For The Role Thick client App PT

Company Description Vigilant Telecom operates with tactical precision under our tagline, "Infiltrate. Expose. Neutralize." We deliver elite cybersecurity services with a clear objective: dominate the threat landscape. Our services include deep penetration testing across networks, web and mobile applications, APIs, and cloud environments. We offer cybersecurity consulting to shape resilient strategies and architectures tailored to your needs. Role Description We’re seeking a Web Application Penetration Tester to identify and exploit vulnerabilities across complex web environments. This is an on-site role in Mumbai. You’ll be responsible for assessing the security of web applications, APIs, and cloud-hosted services, simulating real-world attack scenarios, and delivering actionable insights that harden client defenses. Qualifications Experience: 2–3 years in web application security testing or offensive security roles Technical Skills: Deep understanding of OWASP Top 10, API security issues, session management, access control, and input validation flaws Hands-on experience with tools like Burp Suite, OWASP ZAP, SQLmap, Nmap, and browser-based testing plugins Knowledge of HTTP protocols, REST/GraphQL APIs, authentication mechanisms (OAuth, JWT), and web server configurations Scripting experience with Python, JavaScript, or Bash for custom testing and automation Knowledge: Familiarity with client/server-side vulnerabilities, business logic attacks, and modern frameworks (React, Angular, etc.) Experience testing Single Page Applications (SPAs) and cloud-hosted services Education: Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience/certifications (e.g., OSWE, eWPT, Burp Suite Certified Practitioner) Soft Skills Strong attention to detail with a deep analytical mindset Clear communication to explain technical issues to developers and non-technical stakeholders Passion for offensive security and continuous learning Preferred Certifications like OSWE, eWPT, or Burp Suite Certified Practitioner Experience in bug bounty programs or CTFs Exposure to DevSecOps pipelines and secure SDLC

Job Title: Faculty – Cyber Security & Machine Learning Location: Mira Road, Thane Position Type: Visiting Faculty Job Summary: We are seeking an experienced and passionate faculty member to teach and mentor undergraduate students in the field of Cyber Security and Machine Learning. The selected candidate will be responsible for delivering course content, designing assessments, mentoring students on practical implementations, and driving academic excellence in the subjects Ethical Hacking and Machine Learning I, as outlined by the University of Mumbai syllabus. Key Responsibilities: Academic Delivery ● Conduct theory and practical sessions for: ○ Ethical Hacking (including network security, cryptography, web security, hardware security) ○ Machine Learning I (including supervised & unsupervised learning, ensemble techniques, SVM, dimensionality reduction) ● Create lesson plans, lecture notes, and assessment tools aligned with syllabus ● Use tools such as Cisco Packet Tracer, Kali Linux, Metasploit, SQLMap, Wireshark, Jupyter Notebooks, Scikit-learn, and others during practical sessions ● Assign and evaluate laboratory work, tutorials, and case studies ● Encourage students to use digital tools and platforms (e.g., DVWA, OWASP, Kaggle, UCI datasets) Assessment & Evaluation ● Conduct internal assessments as per academic guidelines ● Prepare, administer, and grade exams, assignments, and projects ● Maintain timely and accurate records of grades and student progress Qualifications & Experience: Minimum Qualifications: ● Master’s degree in Computer Science / Cyber Security / Information Technology / Data Science / Artificial Intelligence or equivalent Experience: ● Minimum 2–5 years of teaching or industry experience in ethical hacking, information security, or applied machine learning Preferred Skills: ● Hands-on with penetration testing tools (e.g., Wireshark, John the Ripper, Metasploit) ● Familiarity with ML libraries: Scikit-learn, TensorFlow, etc. ● Experience with classroom and lab-based instruction ● Strong communication and mentoring skills Desirable Certifications: ● CEH (Certified Ethical Hacker) ● CompTIA Security+ ● Offensive Security Certified Professional (OSCP) ● Machine Learning or AI certifications (Coursera, edX, etc.) Remuneration: Rs. 2000 per hour (Negotiable)

Job Description We are seeking a skilled and experienced Cybersecurity Specialist to join our dynamic team. The ideal candidate will have 3-7 years of experience in cybersecurity roles and a strong technical background in information security. If you're passionate about protecting data, identifying vulnerabilities, and implementing robust security Responsibilities : Develop, implement, and maintain cybersecurity policies, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security solutions, and data encryption. Conduct regular security assessments, risk analyses, and vulnerability assessments to identify potential weaknesses and mitigate risks. Experience in Web/Mobile/Network Penetration Testing and/or Vulnerability Assessment. Experience with web application vulnerability scanner (BurpSuite, AppScan, Acunetix, Web Inspect, etc). Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Deep knowledge of HTTP protocol and the ability to construct/manipulate HTTP requests. Ability to suggest/recommend remediation to fix vulnerability. Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. Knowledge on Tools : Nmap, Kali Linux, Metasploit, Maltego, Burp Suite, Nessus, nexpose, Wireshark, sqlmap etc. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security 3-7 years of experience in cyber security or a related field. Bachelor's degree in Computer Science, Information Security, Cyber Operations, or a related field (or equivalent experience). Strong understanding of networking concepts, security principles, and cyber threats. Proven experience with vulnerability scanning and penetration testing tools. Knowledge of regulatory requirements and compliance frameworks (eg, PCI DSS, NIST, CIS Controls). Experience in Information security controls, and doing IT audits, ISO certifications is preferred. (ref:hirist.tech)

Company Profile: Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description: Manage tracking and remediation of vulnerabilities. Collaborate with development and support teams to ensure timely remediation using agreed action plans and timelines . Integrate business risk understanding into security operations . Apply security expertise to assess and protect business-critical web applications . Qualifications: 0-2 years of relevant experience Master’s Degree from a reputed institute with good academics history. Experience in Web Application VAPT – DAST . Strong knowledge of the OWASP framework and methodologies . Experience with web application vulnerability scanning tools : IBM AppScan, HP WebInspect, Acunetix, Netsparker, NTO Spider, Burp Suite Pro. Proficient in Kali Linux penetration testing tools : e.g., SQLMAP, DirBuster. Understanding of web services technologies : XML, SOAP, and SAML. Good understanding of HTML and JavaScript . (Preferred) Proficiency in Front End (.NET, Java) and Back End (Oracle) technologies. (Preferred) Experience with code scanning tools : Fortify, Checkmarx, Veracode. Exposure to common vulnerabilities : SQL Injection, XSS, CSRF, and participation in bug bounty programs. Strong communication and interpersonal skills . Professional Certification : CEH (mandatory) OSCP (preferred / big plus

Company Profile Lennox (NYSE: LII) Driven by 130 years of legacy, HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us. Job Description Manage tracking and remediation of vulnerabilities. Collaborate with development and support teams to ensure timely remediation using agreed action plans and timelines. Integrate business risk understanding into security operations. Apply security expertise to assess and protect business-critical web applications. Qualifications 0-2 years of relevant experience Master’s Degree from a reputed institute with good academics history. Experience in Web Application VAPT – DAST. Strong knowledge of the OWASP framework and methodologies. Experience with web application vulnerability scanning tools: IBM AppScan, HP WebInspect, Acunetix, Netsparker, NTO Spider, Burp Suite Pro. Proficient in Kali Linux penetration testing tools: e.g., SQLMAP, DirBuster. Understanding of web services technologies: XML, SOAP, and SAML. Good understanding of HTML and JavaScript. (Preferred) Proficiency in Front End (.NET, Java) and Back End (Oracle) technologies. (Preferred) Experience with code scanning tools: Fortify, Checkmarx, Veracode. Exposure to common vulnerabilities: SQL Injection, XSS, CSRF, and participation in bug bounty programs. Strong communication and interpersonal skills. Professional Certification: CEH (mandatory) OSCP (preferred / big plus Show more Show less

Job Description We are seeking a skilled and experienced Cybersecurity Specialist to join our dynamic team. The ideal candidate will have 3-7 years of experience in cybersecurity roles and a strong technical background in information security. If you're passionate about protecting data, identifying vulnerabilities, and implementing robust security measures. Key Responsibilities Develop, implement, and maintain cybersecurity policies, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint security solutions, and data encryption. Conduct regular security assessments, risk analyses, and vulnerability assessments to identify potential weaknesses and mitigate risks. Experience in Web/Mobile/Network Penetration Testing and/or Vulnerability Assessment. Experience with web application vulnerability scanner (BurpSuite, AppScan, Acunetix, Web Inspect, etc). Deep knowledge of common software vulnerabilities, such as OWASP Top 10 and CWE/SANS Top 25. Deep knowledge of HTTP protocol and the ability to construct/manipulate HTTP requests. Ability to suggest/recommend remediation to fix vulnerability. Manual Penetration Testing skills and techniques are required besides automated tools and frameworks. Knowledge on Tools: Nmap, Kali Linux, Metasploit, Maltego, Burp Suite, Nessus, nexpose, Wireshark, sqlmap etc. Proficiency in Conducting API (REST, SOAP, XML, JSON) Security testing activities to identify and mitigate security : 3-7 years of experience in cyber security or a related field. Bachelor's degree in Computer Science, Information Security, Cyber Operations, or a related field (or equivalent experience). Strong understanding of networking concepts, security principles, and cyber threats. Proven experience with vulnerability scanning and penetration testing tools. Knowledge of regulatory requirements and compliance frameworks (e.g., PCI DSS, NIST, CIS Controls). Experience in Information security controls, and doing IT audits, ISO certifications is preferred. (ref:hirist.tech) Show more Show less

Category: Administration Main location: India, Karnataka, Bangalore Position ID: J0625-0283 Employment Type: Full Time Position Description: Company Profile: Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com. Job Title: Cyber Security Engineer Position: Senior Systems Engineer/Lead Analyst Experience: 7+ yrs Category: IT Infrastructure Main location: Bangalore Position ID: J0625-0283 Employment Type: Full Time Qualification: Bachelor's degree in Computer Science or related field or higher with minimum 3 years of relevant experience. Job Description: At least 7+ years’ Experience in Vulnerability Assessment and Penetration testing of web applications, mobile applications, API and thick client applications. Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in setting up the network environment for VAPT Manual penetration testing skills and techniques are required besides automated tools and frameworks. Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Strong knowledge of tools for mobile application security, including but not limited to Appuse, MOBSF, Geny Motion, Kali Linux, BURP, PostMan, Appie, Mobisec, NowSecure, HP Fortify On Demand Good Understanding of OWASP Top 10 for web application security and Mobile application security. Perform mobile vulnerability assessment and Penetration testing. Good understanding of Microservice based architecture Experience working in a DevSecOps environment with knowledge of continuous integration, containers, DAST/SAST tools Good understanding of Database security requirements. Good knowledge of cloud environments and should be able to perform VAPT on AWS, Azure etc. Scripting and coding experience(good to have) Certifications: OSCP, CEH Must have Skills : Good knowledge on web application security, OWASP, Application Security testing, Network Penetration testing, Code Review, Vulnerability Assessment and Appscan Experience in cyber security penetration testing (Manual, PT, VAPT, DAST, SAST, API) Hands on experience in identifying false positives Hands on knowledge on tools: Burp Suite Professional, Qualys, Nmap, Kali Linux, Metasploit, Nessus, Wireshark, Sqlmap, Checkmarx etc Good to have Skills : Excellent customer interfacing skills. Excellent written and verbal communication skills. Participating in Daily Standups and weekly reviews Strong attention to detail and outstanding analytical and Problem-solving skills. Understanding of Business, emerging technologies in relevant industry (Banking/CIAM ) , strong understanding of trends (market and technology) in areas of specialization. CGI is an equal opportunity employer. In addition, CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs. Life at CGI: It is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons Come join our team, one of the largest IT and business consulting services firms in the world Skills: Vulnerability Assessment(IAVA) What you can expect from us: Together, as owners, let’s turn meaningful insights into action. Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because… You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction. Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise. You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons. Come join our team—one of the largest IT and business consulting services firms in the world.

Role: Senior Security Specialist Location : Bangalore Working Model : Hybrid Final Round Interview : F2F Summary of essential job functions The overall responsibility of the team is to provide assurance to the management on the Information Security, Compliance and Risk Management of the organization globally. The candidate would be expected to lead security assessments of Products and Infrastructure globally. Education, Certification and Experience: Qualification Required: Bachelor/Master’s degree in Computer/ Information science, Software Engineering, Cybersecurity, or a related field Certification preferred: OSCP, OSWE, OSEP, ECSA|LPT, CPT, CEH Minimum experience: 08-10 years in Vulnerability Assessment and Penetration Testing- Thin & Thick Client, API , Infrastructure, Cloud, Mobile Competency Requirements: Performs a combination of duties in accordance with departmental guidelines: Hands-on experience in Vulnerability Assessment (VA) and Penetration Testing (PT) for Web, APIs, AI/ML models, Mobile , Network, and Infrastructure. Strong command of OWASP Top 10 with practical knowledge of attack vectors and mitigation strategies. Familiarity with industry standards and frameworks such as OSSTMM, OQASP, CESG, CREST, NIST, ISSAF, and PTES. Expertise in Secure Development Lifecycle (SDLC), including Threat Modeling, Secure Coding Practices, and Security Assessments. Proficient in both Static and Dynamic Application Security Testing (SAST, DAST, IAST), and Software Composition Analysis (SCA). Experience conducting secure code reviews and identifying logic flaws in code bases written in Java, .NET, C/C++, Python, etc. Knowledge of cryptographic protocols, secure communication, data security and key management. Hands-on with commercial and open-source tools: Burp Suite, OWASP ZAP, Acunetix, AppSpider,SQLMap, Nmap, Metasploit, Nessus, OpenVAS, Fortify, Checkmarx, Veracode, SonarQube, NexusIQ and Snyk. Proficient in assessing mobile applications (thick/hybrid clients) using tools like Dex2jar, ADB, Frida. Exposure to AuthN/AuthZ protocols such as OAuth, SAML, OIDC; ability to read, write, and interpret application logic. Familiarity with vulnerability standards: CVSS, CVE, CWE, CAPEC; and patch management lifecycle. Experience automating tasks via shell scripting and Python/Ruby/Php etc. Proficiency in secure code development and reviewing DAST/SAST reports across languages. Understanding security aspects in AWS, Azure, and GCP including IAM, VPC/VNet, S3/Blob storage, API gateway, Load Balancers, WAF, Containers (Docker), and Kubernetes. Experience in infrastructure/network penetration testing and exploitation techniques on Windows/Linux environments. Experience in mentoring, leading teams, and managing security assessments under tight deadlines. Manage third-party security assessments, including vendor risk evaluations, engagement oversight, and ensuring compliance with organizational security standards. Proven ability to provide technical oversight and drive engagement quality across security projects. Exposure to agile/scrum development methodologies and ability to work with cross-functional teams. Familiarity with security standards like PCI DSS, SOC, ISO 27001. Participation in bug bounty program and CTFs is a strong plus. Proactive learning approach, staying updated with evolving cybersecurity trends and technologies. Job Responsibilities: Plan, conduct, and close end-to-end Vulnerability Assessments and Penetration Tests for Web Applications, APIs, Mobile Apps, Thick Clients, Infrastructure, and Cloud environments. Perform both manual and automated security assessments to identify, validate, and prioritize vulnerabilities. Review application code in various programming languages and provide actionable remediation recommendations. Reproduce reported vulnerabilities with proof-of-concept (PoC) and assess associated risks. Evaluate new security tools and products for adoption and integration. Guide development teams on Secure Coding standards and OWASP-aligned practices. Lead and contribute to secure SDLC processes, threat modeling workshops, and risk reviews. Manage and triage security bugs from Bug Bounty programs, working closely with engineering teams to ensure timely resolution. Maintain and improve the security posture of applications across business units, aligning with best practices. Act as a security advisor on project teams, influencing architecture and design decisions. Drive security awareness initiatives and conduct training sessions for developers and QA teams. Update and maintain InfoSec policies and procedures in line with emerging threats, technologies, and compliance requirements; provide support to both internal and external auditors during security assessments and audits. Other Requirements: Strong ethics and understanding of ethics in business and information security. Proficiency in English (both written and oral communication skills). Ability to complete tasks and deliver professionally written reports for clients. Ability to present findings to technical staff and executives. Ability to interact with 247 internal stakeholders to review their requirements. Should be able to think “out of the box” and implement new attack vectors. Self-motivated, curious, knowledgeable pertaining to news and current events Show more Show less

Job Summary: We are seeking a highly experienced “Senior VAPT & Penetration Testing Specialist” to lead and ensure the quality and effectiveness of our vulnerability assessment and penetration testing operations. This role involves findings, validating findings, reviewing technical reports, ensuring compliance with standards (OWASP, PTES, NIST, etc.), and improving methodologies and tools. Key Responsibilities: Conduct in-depth vulnerability assessments and penetration tests on web, mobile, network, API, and cloud infrastructure using manual and automation. Utilize industry-standard tools like SQLMap, Burp Suite, Nessus, Nmap, and custom scripts for advanced exploitation techniques. Simulate various cyber-attacks including DDoS, Brute Force, XSS, SQL Injection, DNS attacks, and Social Engineering to identify system vulnerabilities. Perform peer reviews of technical deliverables and verify accuracy of findings and recommendations. Ensure that all assessments are aligned with industry standards such as OWASP, PTES, MITRE ATT&CK, and NIST. Act as a technical lead and mentor for junior VAPT team and QA team members. Identify gaps in the current testing methodologies and implement process improvements. Prepare detailed documentation and the VA report and ensure clear, actionable, and risk-rated reporting. Collaborate with clients and internal teams to understand scope and provide post-assessment clarifications. Present the client meeting for the future VAPT assignments. Stay updated with emerging threats, tools, techniques, and frameworks. Required Skills & Qualifications: Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field. 3 to 5 years of hands-on experience in VAPT and penetration testing. In-depth knowledge of web, network, mobile, cloud, and API security. Strong understanding of secure coding practices and vulnerability management. Expertise in tools like Burp Suite, Nmap, Nessus, Metasploit, Qualys, Kali Linux, Wireshark, etc. Familiarity with SIEM, IDS/IPS, EDR tools is a plus. Excellent report writing and documentation skills. Strong communication and overseas client-interaction skills. Preferred Certifications: OSCP (Offensive Security Certified Professional) – Highly preferred CEH (Certified Ethical Hacker) CREST / GPEN / GWAPT / CISSP – Optional but desirable ISO 27001 Lead Auditor or Lead Implementer – Added advantage Job Type: Full-time Pay: Up to ₹1,800,000.00 per year Schedule: Monday to Friday UK shift Work Location: In person Speak with the employer +91 9429521724

Roles and Responsibilities: Conduct Web Application VAPT (Vulnerability Assessment and Penetration Testing), focusing on DAST. Perform vulnerability scans using tools such as IBM AppScan, HP WebInspect, Acunetix, Netsparker, NTO Spider, and Burp Suite Pro. Utilize Kali Linux penetration testing tools like SQLMAP, Dirbuster, etc. Understand and apply OWASP Top 10 frameworks and methodologies in assessments. Manage tracking and remediation of vulnerabilities , coordinating with development and support teams on timelines and action plans. Analyze and communicate security risks based on business impact and context. Collaborate with internal stakeholders to ensure vulnerabilities are mitigated efficiently. Clearly document findings, reports, and progress on identified issues. Communicate effectively with technical and non-technical audiences. Requirements: Experience : 0–2 years of relevant experience in Application Security / VAPT. Education : B.E./B.Tech or Master’s Degree from a reputed institute with a strong academic background. Technical Skills : Experience with Web Application Security Testing and DAST tools. Familiarity with web technologies (HTML, JavaScript) and web services (XML, SOAP, SAML). Knowledge of front-end (.NET, Java) and back-end (Oracle) environments is a plus. Exposure to common vulnerabilities (SQL Injection, XSS, CSRF) and bug bounty programs . Experience with SAST tools such as Fortify, Checkmarx, or Veracode is an added advantage. Soft Skills : Strong communication and interpersonal skills . Ability to understand business context and translate it into security assessments. Certifications : CEH certification is mandatory . OSCP certification is a strong plus. Show more Show less

Roles and Responsibilities: Perform Dynamic Application Security Testing (DAST) on web applications and APIs (manual and tool-based). Analyze DAST scan results, identify and prioritize vulnerabilities based on risk. Participate in triage meetings with application teams to explain and document findings. Lead deep API security testing (REST, SOAP, GraphQL), identifying flaws like BOLA, token leakage, replay attacks, etc. Conduct manual penetration testing using offensive tools and custom payloads. Craft custom exploit chains for vulnerabilities such as deserialization, command injection, and broken access controls. Maintain custom scripts, payloads, and test cases to simulate real-world attacker scenarios. Possibly perform Static Application Security Testing (SAST) and understand differences from DAST. Document testing procedures, findings, and remediation efforts. Communicate security findings to both technical and non-technical stakeholders. Collaborate with DevOps, developers, and security teams to address issues. Participate in process improvements and develop long-term testing strategies. Requirements: 5 to 7 years of hands-on experience in web application security testing. Strong knowledge in: Web & API penetration testing. DAST & SAST methodologies. API security concepts and testing. Proficiency in offensive security tools and Kali Linux tools (e.g., SQLMAP, Dirbuster). Experience in identifying and exploiting common vulnerabilities (SQL Injection, XSS, CSRF, etc.). Understanding of HTML, JavaScript . Bonus for experience with: Front-end tech: .NET, Java Back-end tech: Oracle Mobile or IoT app testing. Bug bounty programs. Familiarity with tools like: DAST: Burp Suite, NetSparker SAST: Checkmarx, Veracode, Fortify Clear written and verbal communication skills. Any relevant certifications (e.g., OSCP, OSWE, GWAPT, CREST) are a plus. Experience with Red Teaming/adversary emulation is a strong advantage. Show more Show less

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world! Responsibilities In this position, you will primarily be researching and implementing detections for vulnerabilities on all the latest web application technologies. You will also be expected to fine-tune existing logic and payloads to detect vulnerabilities and CVEs with zero false positives for the Qualys Web Application Security product. Efficient problem-solving and troubleshooting skills are necessary, as well as using the latest tools in the industry. Required Skills: 3-5 years of industry experience in web application security Create exploits, proof-of-concept for web application vulnerabilities Strong JavaScript programming skills Knowledge of HTTP protocol (Requests, responses, Cookies, etc.) Understanding of web application vulnerabilities, OWASP top 10 in Web Applications, API, and LLMs Exposure to DAST/BlackBox tools Web application security scanning tools like BURP/ZAP, SQLMap, CURL Experience with network analysis tools and analysis of packet captures. Proficient with regular expressions. System administrator experience on Windows or Unix platforms. Strong analytical and problem-solving skills Passion for web security and attention to detail Experience with scripting languages, including Python and Bash Exposure to JAVA programming Experience with selenium, postman scripting Experience with Metasploit/Nessus exploits (especially HTTP-related ) Experience with web application firewalls (WAF) rules, ModSecurity Exposure to WEB 2.0, XML/XPath, JSON, Swagger Database/SQL knowledge Experienced in the use of various scanners and open-source security tools. Experience in developing security-related tools/programs. Ability to work independently Published research Security certifications Show more Show less

Job Purpose: Provides hands-on technical and security support across enterprise environments, including performing manual security testing, assisting with vulnerability identification and remediation, and supporting threat response activities. Contributes to cloud security posture monitoring, participates in responsible disclosure and bug bounty processes, and supports ongoing compliance initiatives. Aids in the investigation and response to security incidents, monitors threat intelligence sources, and helps implement security controls across systems, applications, and Office365 environments. Also assists with maintaining documentation and gathering evidence for audits related to SOC 2 Type 2, PCI-DSS, and ISO 27001 frameworks. Supports sales and client teams by contributing to responses for security audits, risk assessments, and customer security questionnaires. Job Responsibilities: Essential Functions: This position operates under limited supervision with a high degree of independence in day-to-day security tasks. The Security Engineer supports enterprise security operations, infrastructure protection, and compliance efforts. Key responsibilities include: Perform manual security testing and assist with 2nd and 3rd level investigation and resolution of security-related support tickets. Participate in vulnerability management processes, including scanning, tracking, reporting, and remediation assistance. Monitor and support cloud security posture across environments (e.g., AWS, Azure), contributing to secure configuration and alerting. Support Office365 security administration and monitoring efforts Assist in monitoring threat intelligence feeds and help correlate findings with internal environments to identify potential risks. Respond to and support the triage and resolution of security incidents in coordination with internal teams and vendors to minimize business impact. Contribute to the intake and triage process for responsible disclosure reports and bug bounty submissions. Provide security support for customer audits and sales enablement activities by helping to complete security questionnaires and assessments. Assist with maintaining and collecting evidence for compliance frameworks such as SOC 2 Type 2, PCI-DSS, and ISO 27001. Help train and support internal teams in secure configurations and processes. Work with internal infrastructure, development, and compliance teams to implement and maintain security standards and controls. Research, test, and provide input on new security tools, products, and practices. Maintain accurate records of work performed, including documentation and ticketing of changes and issues. Non-Essential Functions: May be required to participate in an on-call rotation outside of normal business hours to support security incident response or high-priority investigations. May assist with ad-hoc security-related tasks or projects outside of core responsibilities Requirements: Required Education and Experience: Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent technical experience Minimum 3+ years of experience in information security, cybersecurity, or in a security engineering role Hands-on experience with manual security testing and vulnerability management practices Working knowledge of private and public cloud environments and cloud security posture management (e.g., AWS, Azure, or GCP) Familiarity with security compliance frameworks (SOC 2 Type 2, PCI-DSS, ISO 27001) Experience with MS Azure security and Office365 security tools (e.g., Microsoft Defender, Purview, Security & Compliance Center) Understanding of incident response processes and tools Exposure to responsible disclosure or bug bounty program workflows Ability to document technical findings and produce support materials for audit and remediation purposes Minimum 2+ years of experience with Penetration Testing tools such as Nmap, Burp Suite, OWASP ZAP, Nikito, SQLmap, Postman, MetaSploit, Mimikatz, Bloodhound, Maltego and others Preferred Education and Experience: Bachelor’s degree or equivalent experience. Related certifications Expected Competencies: Strong verbal and written communication skills Must be able to prioritize and take initiative Demonstrate excellent service skills Strong English communication skills, both written and verbal Work Schedule: Monday through Friday from 12 PM to 9 PM IST. This will provide healthy overlap between India team and US team and supporting both to ensure adequate collaboration. This role will be working in Hybrid Mode and will require at least 2 days’ work from office at Hyderabad or Gurugram Travel: This position may require up to 10% travel. Travel may be outside the local area and overnight EEO Statement Cendyn provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Cendyn complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. Cendyn expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of Cendyn’s employees to perform their job duties may result in discipline up to and including discharge. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

Conduct Web Application and API Security Testing using both Manual and Automated Penetration Testing Methodologies Conduct Vulnerability Assessments of Network Devices, DB and servers using various open source and commercial tools Map out a network, discover ports and services running on the different exposed network and security devices Conduct penetration test and launch exploits using Nessus, Metaspoilt, Core Impact, Backtrack penetration testing distribution tools sets Prepare a detailed VAPT findings manually Strong experience with performing VAPT as per OWASP Top 10, SANS Top 25, and NIST, and SANS Security Guidelines. Hands on knowledge on Tools: Nmap, Kali Linux, Metasploit, Maltego, Burp, Nessus, nexpose, wireshark, sqlmap, MobSF, burpsuite etc. Conduct android and IOS mobile application VAPT Ability to suggest remediation to vulnerabilities observed in Application and configuration. Minimum 2-3 years of work experience in the information security domain only Job Types: Full-time, Permanent Pay: ₹20,000.00 - ₹65,000.00 per month Benefits: Internet reimbursement Supplemental Pay: Performance bonus Application Question(s): Did you worked in the domains like API Testing, IOS, Android Testing, Web Application Testing, Network Penetration Testing, Mobile Application Testing? Experience: minimum: 1 year (Required) Language: English (Required) Location: Gurugram, Haryana (Required) Work Location: In person