Position Summary The Head of Application Security (AppSec) & Vulnerability Management will be responsible for conducting security assessments and penetration testing of IT, cloud, and OT infrastructure, performing application security assessments for hosted applications, and providing DevSecOps support for new applications throughout their lifecycle. This role involves identifying potential vulnerabilities, suggesting mitigation strategies, and assisting customers and partners in implementing these strategies. Additionally, the role includes project management, service delivery, quality assurance, customer management, and maintaining relationships with vendors and technology partners. Key General Responsibilities: Lead and drive the AppSec and Vulnerability Management functions, ensuring effective service delivery through project acquisition, execution, and operational support. Demonstrate strong leadership skills by managing departmental and functional teams, including hiring, developing, and growing team competency. Provide expert technical guidance to delivery teams, partners, and customers, ensuring the successful implementation of security solutions. Be results-oriented with the ability to think strategically and align efforts with customer needs, working backward from those needs to achieve goals. Oversee project management, service management, and quality assurance processes to ensure successful delivery and client satisfaction. Exhibit strong communication skills, with a proven ability to work cross-functionally, deliver results, and demonstrate ownership in various projects. Manage all aspects of people development, including hiring, talent development, performance management, succession planning, and team engagement. Possess excellent interpersonal skills, with the ability to influence and engage stakeholders at all levels within the organization and with external customers, partners, and vendors. Support sales strategies to meet revenue targets by providing pre-sales support and delivering appropriate security solutions. Identify and cultivate new opportunities with existing customers, ensuring high levels of customer satisfaction and retention. Key Technical Responsibilities: As a technical leader, drive the future strategy for threat intelligence, security architecture reviews, vulnerability management, security configuration, DevSecOps, and application security. Conduct both manual and automated internal and external vulnerability assessments across IT, cloud, and OT environments. Perform security control and vulnerability assessments specifically within OT environments. Execute Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications. Conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, Android applications, and APIs. Perform Gray Box and/or penetration testing on web, API, and mobile devices (Android). Complete project tasks with high quality and within deadlines. Analyze findings, draw comprehensive conclusions, and provide detailed recommendations and mitigation plans. Clearly communicate technical impacts and business risks to non-technical audiences after project completion. Provide expert advice on selecting and implementing appropriate security assessment and testing software and tools. Implement and manage DevSecOps practices using the Software Assurance Maturity Model (SAMM) to evaluate and enhance the security of software development processes. Adhere to security standards and frameworks, implementing best practices and methodologies. Work closely with product development teams to ensure adherence to secure coding practices. Educate customers, technical teams, and application developers about emerging threats, vulnerabilities, and application security, promoting a Security Champion program to raise awareness. Qualifications Education: oBachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. A master's degree or relevant certifications (e.g., CISSP, CEH, OSCP) are preferred. Experience: oOver 10 years of experience in leading and managing threat and vulnerability functions, projects, and customer engagements. o6-8 years of direct, hands-on experience in cybersecurity, including familiarity with security standards and best practices, vulnerability assessments, web application testing, network and mobile application assessments, and penetration testing. o1-2 years of experience in enterprise security management, including security product/solution integration and security operations, with a solid understanding of network and system security concepts, standards, and best practices. oProven track record in building, leading, and managing security teams, with experience in cybersecurity practices, application security (AppSec), threat intelligence, vulnerability management, penetration testing, and infrastructure security assessment. oDemonstrated excellence in project management, service management, and customer relations. oExceptional written, presentation, and verbal communication skills, essential for effective team coordination, partner support, and service discussions. oStrong analytical abilities with a creative approach to solving complex technical problems. oCapable of working effectively with clients, management, staff, vendors, and consultants, and interacting and collaborating with senior management, including IT, Network, Security, and C-level executives. oAbility to remain calm and patient in high-pressure situations within a dynamic environment. Skills and Competencies oStrong background in network and infrastructure vulnerability assessment and penetration testing. oComprehensive understanding of security vulnerabilities, including OWASP Top 10, enterprise security architecture, relevant standards, best practices, and frameworks. oExtensive experience in securing web applications, APIs, Android mobile apps, and cloud environments (AWS/Azure). oProficient in software penetration testing, architectural risk assessment, threat modeling, static code analysis, and secure code review for web applications, APIs, and Android mobile applications. oStrong expertise in assessing web applications for security vulnerabilities using tools such as Burp Suite, OWASP ZAP, or similar. oSkilled in evaluating the security of Android mobile applications, including reverse engineering and code analysis. oIn-depth knowledge of cloud security best practices, with hands-on experience in AWS and Azure cloud platforms, including configuring security controls and monitoring for cloud-based threats. oExpertise in evaluating API security, focusing on authentication, authorization, and data protection. oExperience in web and mobile app security assessment according to OWASP standards. oProficient in analyzing vulnerabilities in various applications using both manual and automated tools. oFamiliarity with security practices in DevOps and CI/CD pipelines. oExperience with Windows and Linux operating systems, with a good understanding of operating system internals and mobile OS (Android), especially in the context of app development. oFamiliarity with common compliance requirements such as GDPR, PCI-DSS, and ISO 27001. oExperience with OWASP Mobile Security Testing Guide and associated checklists. oAbility to configure and utilize automated scanners for tasks such as login sequence, policy customization, and scan throttling, while effectively analyzing and managing false positives. oSkilled in identifying vulnerabilities not detected by automated scanners through manual testing, including authentication, session management, CSRF, and business logic testing. oUnderstanding of application workflows to identify entry points and potential vulnerabilities. oHands-on experience with popular security tools, including NMAP, Nessus, Burp Suite, Netsparker, Metasploit, and OWASP ZAP. oFamiliarity with Agile processes and development tools such as Jira, Confluence, Bitbucket, Git, Maven, and Jenkins. Why Tribastion? Strategic Leadership: Play a pivotal role in shaping Tribastions growth strategy in one of the most competitive markets in the world. Career Advancement: Opportunities for professional growth within a dynamic and rapidly expanding organization. Innovative Environment: Contribute to a company that prioritizes excellence, innovation, and leadership in the cybersecurity industry.

The OT Security Manager at Tribastion will lead the strategy, implementation, and management of cybersecurity solutions tailored to industrial control systems (ICS), SCADA, and other OT environments . This role bridges the gap between IT and OT security, ensuring robust protection of critical infrastructure. The position involves: Conducting OT security assessments Developing policies and incident response plans Managing compliance with standards like IEC 62443 and NIST SP 800-82 Overseeing risk mitigation strategies Leading client engagements and supporting pre-sales for OT security services The ideal candidate has 8–10+ years of OT security experience , deep technical knowledge of industrial protocols and systems, and a proven record in managing complex security projects across sectors like energy, manufacturing, or critical infrastructure. This is a senior role for someone passionate about safeguarding operational technologies while collaborating across engineering, IT, and executive teams. Connect in Linkdin and mail in careers@tribastion.com Show more Show less

Experience: 4–5 Years Location: NCR Key Responsibilities: Manage and execute GRC and ISMS-related projects end-to-end Conduct ISO 27001 implementation, audits, and compliance assessments Develop risk management and governance frameworks Advise clients on regulatory and industry-specific compliance requirements Prepare detailed reports, risk assessments, and mitigation strategies Required Skills: Strong knowledge of ISMS, ISO 27001 standards Proven project management experience Excellent communication and consulting abilities Experience with client-facing roles and stakeholder management Show more Show less

🚀 We're Hiring: Manager– AppSec & Vulnerability Management 📍 Location: India – Managed Security Services Organization 💼 Job Type: Full-Time We are looking for an experienced and dynamic Lead – AppSec & Vulnerability Management to join our team and take charge of security assessments, penetration testing, vulnerability management, and DevSecOps for IT/Cloud and OT infrastructure. In this leadership role, you'll manage a talented team, drive the execution of security projects, and ensure the successful delivery of services to customers. Key Responsibilities: 🔒 Lead and manage the AppSec & Vulnerability Management function, ensuring top-notch service delivery and operational success. 🔧 Provide technical leadership and guide your team to build and grow expertise in cybersecurity best practices. 🛠️ Perform penetration testing, vulnerability assessments, and security architecture reviews for IT, Cloud, and OT environments. 📈 Manage customer relationships, pre-sales strategies, and continuously identify opportunities to expand business. 💬 Communicate technical findings effectively to non-technical stakeholders and help implement mitigation strategies. Key Skills & Experience: ✅ 10+ years of experience in managing threat & vulnerability management functions, cybersecurity projects, and customer engagements. ✅ 6-8 years of hands-on experience in security assessments, penetration testing, vulnerability management, and web/mobile app security. ✅ Strong knowledge of security frameworks, OWASP Top 10, cloud security (AWS/Azure), API security, and DevSecOps. ✅ Proven leadership experience in managing teams, driving results, and handling key customer relationships. ✅ Strong communication and interpersonal skills, able to work cross-functionally with senior stakeholders. Qualifications & Certifications: 🎓 Education: B.Tech/B.E. in CSE/IT or related fields. 📜 Certifications: CEH, CISSP, OSCP, or similar security certifications. 🔧 Technical Skills: Expertise in vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP), mobile app security, and security in DevOps environments. Why Join Us? 🌟 Lead and innovate in a fast-paced, growing industry. 🌟 Collaborate with cross-functional teams and drive impactful results. 🌟 Opportunity to shape the security strategy for large-scale enterprise clients. If you're passionate about cybersecurity and ready to make an impact, we’d love to hear from you! 👉 Apply Now! Shruti.Muskara@tribastion.com Show more Show less

Job Title: OT Security Consultant Location: Plant locations – Angul / Raigarh Department: Plant Automation / OT Security Experience: 5+ years in OT/ICS Security Involves traveling to client location for 3 months Job Summary: We are looking for an experienced OT Security Consultant to work closely with our Plant Automation team to enhance and implement cybersecurity controls in our operational technology (OT) environment. The ideal candidate will bring a strong understanding of industrial cybersecurity frameworks, especially IEC 62443, and will be responsible for supporting security control implementation. Primary Key Responsibilities: • Assist in identifying and mitigating OT cybersecurity risks. • Collaborate with plant automation teams to implement OT security controls as per available Gap Assessment report. Also advise in case of any missing Gaps • Support the development and implementation of security policies and standard operating procedures (SOPs) tailored to the OT environment. • Help define work arounds if direct security controls cannot be implemented • Collaborate with Plant Automation team to ensure updated network diagrams and asset inventory • Ensure alignment with IEC 62443 standards and other relevant frameworks. • Carry out OT-specific cybersecurity training. Qualifications: • Bachelor’s degree in Engineering, IT, Cybersecurity, or a related field. • 5+ years of experience in OT/ICS security, preferably within manufacturing or process industries. • Strong understanding of OT/IT network standard Architecture • Strong understanding of IEC 62443 standards. • Experience in working with control systems (e.g., PLCs, SCADA, DCS) and industrial networks. • Excellent documentation and communication skills. • Relevant certifications (e.g., GICSP, ISA/IEC 62443, CISSP) are a plus Show more Show less

🚀 We're Hiring: Manager– AppSec & Vulnerability Management 📍 Location: India – Managed Security Services Organization 💼 Job Type: Full-Time We are looking for an experienced and dynamic Lead – AppSec & Vulnerability Management to join our team and take charge of security assessments, penetration testing, vulnerability management, and DevSecOps for IT/Cloud and OT infrastructure. In this leadership role, you'll manage a talented team, drive the execution of security projects, and ensure the successful delivery of services to customers. Key Responsibilities: 🔒 Lead and manage the AppSec & Vulnerability Management function, ensuring top-notch service delivery and operational success. 🔧 Provide technical leadership and guide your team to build and grow expertise in cybersecurity best practices. 🛠️ Perform penetration testing, vulnerability assessments, and security architecture reviews for IT, Cloud, and OT environments. 📈 Manage customer relationships, pre-sales strategies, and continuously identify opportunities to expand business. 💬 Communicate technical findings effectively to non-technical stakeholders and help implement mitigation strategies. Key Skills & Experience: ✅ 10+ years of experience in managing threat & vulnerability management functions, cybersecurity projects, and customer engagements. ✅ 6-8 years of hands-on experience in security assessments, penetration testing, vulnerability management, and web/mobile app security. ✅ Strong knowledge of security frameworks, OWASP Top 10, cloud security (AWS/Azure), API security, and DevSecOps. ✅ Proven leadership experience in managing teams, driving results, and handling key customer relationships. ✅ Strong communication and interpersonal skills, able to work cross-functionally with senior stakeholders. Qualifications & Certifications: 🎓 Education: B.Tech/B.E. in CSE/IT or related fields. 📜 Certifications: CEH, CISSP, OSCP, or similar security certifications. 🔧 Technical Skills: Expertise in vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP), mobile app security, and security in DevOps environments. Why Join Us? 🌟 Lead and innovate in a fast-paced, growing industry. 🌟 Collaborate with cross-functional teams and drive impactful results. 🌟 Opportunity to shape the security strategy for large-scale enterprise clients. If you're passionate about cybersecurity and ready to make an impact, we’d love to hear from you! 👉 Apply Now! careers@tribastion.com

Company Description Tribastion Technologies Pvt Ltd specializes in delivering comprehensive cybersecurity consulting and managed security services. We offer proactive threat detection, swift incident response, continuous monitoring, and expertly designed security solutions to protect digital environments from cyber threats. Our services span IT, OT, and Cloud environments, providing robust protection for individuals and organizations alike. Role Description This is a full-time on-site role for a Sales Executive. The Sales Executive will be responsible for managing the sales cycle from lead generation to closing deals. Key tasks include identifying potential clients, demonstrating our cybersecurity solutions, preparing proposals, and managing client relationships. The Sales Executive will also work closely with the marketing and technical teams to ensure customer satisfaction and achieve sales targets. Qualifications Proven experience in Sales, Business Development, and Account Management Knowledge of Cybersecurity technologies and solutions Excellent verbal and written communication skills Strong problem-solving and negotiation skills Ability to work independently and manage multiple tasks Experience in IT sales is a plus Bachelor's degree in Business, Marketing, or a related field