229 Vapt Jobs

Key Responsibilities Regulatory Compliance and Standards Management Ensure compliance with PCI DSS, ISO 27001, SOC2, DPDPA, SAR DLA, NPCI and RBI guidelines, Lead internal and external audits related to security and compliance frameworks, Vulnerability Management & Security Testing: Conduct regular vulnerability assessments, penetration testing (VAPT), and security audits Collaborate with development teams to ensure that identified vulnerabilities Data Protection & Privacy: Ensure adherence to the standards for data protection regulations, including DPDPA and Indian Regulations for personal data, Collaborate with cross-functional teams to safeguard personal data and sensitive financial information, ensuring data encryption and secure transaction protocols, Cybersecurity Best Practices: Implement and maintain information security best practices in line with frameworks such as ISO/IEC 27001 and the NIST Cybersecurity Framework, Assist in designing and deploying security controls for cloud and on-premise environments, protecting sensitive business and financial data, Incident Response and Risk Management: Assist in developing and managing incident response plans for security breaches and vulnerabilities, ensuring regulatory reporting requirements are met, Work closely with IT teams to identify, respond to, and resolve security incidents quickly and effectively, Security Documentation and Reporting: Create and maintain detailed reports of security status, vulnerabilities, risks, and compliance audits, Report on the effectiveness of security measures and ensure continuous monitoring of security incidents Develop and implement internal legal policies, ethics guidelines Collaboration and Training: Collaborate with internal teams to integrate security practices into the software development lifecycle (SDLC), Provide training to internal stakeholders on compliance and security practices, Stay informed and ensure adherence to financial transaction regulations, such as FATF recommendations and GST compliance in India, Educational Qualifications & Skills Bachelor's or Masters degree in Computer Science, Information Technology, Cybersecurity, or a related field, Relevant certifications like CEH, CISSP, CompTIA Security+, CISM, or ISO 27001 Lead Implementer are a plus, Strong understanding of VAPT tools and methodologies ( e-g , Nessus, Burp Suite), Knowledge of compliance regulations including PCI DSS, GDPR, CCPA, PDPB, FATF, and RBI guidelines, Hands-on experience with cloud security and network security tools and frameworks ( e-g , firewalls, SIEM, IDS/IPS, endpoint protection), Skills Ability to conduct risk assessments, manage security audits, and ensure compliance with regulatory requirements, Strong problem-solving and analytical skills with attention to detail, Excellent communication skills, both written and verbal, for reporting and liaising with stakeholders, A deep understanding of financial transaction security and regulatory guidelines for payment platforms, Experience Minimum 1 years of experience in information security, cybersecurity, or risk management, Experience working with security frameworks and compliance in financial, payment, or similar regulated industries is a plus, Show

Responsible for performing VAPT, mobile pen testing, sequel injection, on the web, mobile, infrastructure, and API, doing a secure code review, and analyzing any security incidents that strike within our Secure Nexus division.

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a Lead Information Security Resiliency and Vulnerability Assessment & Penetration Testing Manager, you will be responsible for defining the scope for annual Vulnerability Assessment & Penetration Testing (VAPT) activity and handling end-to-end third party VAPT assessment activity. The selected applicant, would be accountable for managing organizations cyber resiliency and for implementing cyber resilience goals. Key Responsibilities Business Understanding: Understanding/Knowledge of information security domains, risks, mitigation and overall management. Experience and knowledge of servers, networks, security devices etc. Collaborate: Interaction with various stakeholders/teams on daily basis. Ability to communicate effectively with Heads of various teams. Proactively coordinating with different teams for tracking and closure of open observations and escalating when necessary. Vendor Management: Facilitating the vendor with requirements for carrying out the VAPT assessment. Vendor selection, evaluation and finalization for the annual Vulnerability Assessment & Penetration Testing (VAPT) activity. Candidate should review the draft reports shared by vendors and suggest if any changes required, Validation of final reports. Timely communication of final reports to relevant stakeholders. Qualifications & Skills Educational Qualification: Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications: ISO27001, CISSP, CISM Compliance: Candidate should validate the security controls deployed across DC, DR, NDR and COLO environment and prepare the quarterly resiliency report to share with senior management. Synergize with Team: Ability to work collaboratively with different teams for closure of activities. Strong analytical and problem-solving skills. Experience in the banking domain will add an advantage. Strong understanding and hands-on experience of VAPT activity and Information Security resiliency. Communication skills: Excellent communication and interpersonal skills. About the Business Group ICICI Banks Technology Risk Management Group believes in providing services to its customers in the safest and secure manner keeping in mind that data protection and secure Technology for its customers is as important as providing quality banking services across the spectrum. The CIA triad of Confidentiality, Integrity, and Availability is at the heart of building a comprehensive information security framework. The Bank also lays emphasis on customer elements like protection from phishing, adaptive authentication, awareness initiatives, and provide easy to use protection and risk configuration ability in the hands of customers. The Bank also undertakes campaigns to create awareness among customers on security aspects while banking through digital channels.

As an Analyst in Cyber Security, you will be responsible for applying your hands-on expert knowledge of tools such as Burp, Nessus, Nmap, Nipper, Metasploit, and other latest tools in the field. Your expertise will be crucial in conducting Vulnerability Assessment and Penetration Testing (VAPT) across various domains including Cloud Security, Web, and Mobile Applications. You should possess a solid understanding of OWASP top 10 and other application/network security frameworks to effectively discover and analyze security vulnerabilities. Your experience in Web Application and Internal/External Network Testing will be key in identifying and mitigating security risks. Moreover, your skills in Configuration Review, policy review, system and network hardening, as well as endpoint review will play a vital role in enhancing the overall security posture. Experience in Application Code Review and Testing tools will be an added advantage in this role. Your ability to create comprehensive reports and communicate effectively, both in writing and verbally, will be essential as you directly engage with clients during projects. You will also be expected to review cyber-attack surfaces, recommend security measures, and conduct cyber investigations when necessary. A minimum of 1 year of post-qualification experience in Security Testing Projects is required for this position. Holding certifications such as CEH/CHFI, OSCP/eWPTX, or any other industry-recognized security certification will be advantageous. If you have a basic scripting knowledge in any language, it will be considered a plus. Additionally, your willingness to travel as needed will be appreciated in this role.,

Cyber security instructor, SOC operations, Bug bounty operations, Network Security, Python Scripting, Security Consulting, Training Delivery, Student Mentorship, Assessment and Evaluation

The Role Description: Designated position will be a part of India Managed Security Services Organization. The individual will be required to lead AppSec and Vulnerability Management business function and will be responsible for conducting security assessment, Penetration testing of IT/Cloud and OT infrastructure, application security assessment of hosted applications and DevSecOps support for new applications throughout their lifecycle to identify potential vulnerabilities, suggest mitigation strategies, and support the customers/ partners in implementing these strategies. This included project management, service delivery and quality assurance, customer management, relationship with vendors & technology partners. Key General Responsibilities: Lead and drive the AppSec & Vulnerability management function and service delivery by new projects acquisition, project delivery through execution & operations support Strong leadership skills with the ability to lead department and manage functional teams Build and grow the competency through hiring and developing the current team Provide strong technical leadership to the delivery team, partners and customers Results-oriented and ability to think big can work backward from customers needs Project Management, Service Management, Customer handling, Quality assurance Highly effective communicator and demonstrated ability to work cross-functionally, with a track record of delivering results and demonstrating strong ownership People management and accountable for hiring, talent development, performance management, succession planning, coaching to direct reports, and engagement for the teams Excellent communication and interpersonal skills, with the ability to influence and engage stakeholders at all levels within the organization and with customers, partners/vendors Support sales strategy to meet agreed business revenue through pre-sales & appropriate solutions Identify and grow new opportunities with existing customer and ensure customer satisfaction and retention Key Technical Responsibilities: As Technical leader, drive future strategy around Threat intelligence, security architecture reviews, vulnerability management, security configuration, DevSecOps and application security Perform manual/automation internal and external vulnerability assessments in IT/Cloud and OT Perform security control assessment and vulnerability assessments in OT environment Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Interactive Application Security Testing (IAST) to identify vulnerabilities in software applications Conduct Vulnerability Assessment and Penetration Testing (VAPT) in Web, Android and API Perform Gray Box and/or Penetration testing on WEB, API and Mobile Device (Android) Complete project work with quality and within deadlines as required, complete the analysis and draw comprehensive conclusions, making appropriate recommendations and mitigation plan Communicate technical impact and business risk to a non-technical audience after the project Provide expert advice on the selection and implementation of appropriate Security Assessment / Testing software and tools Implement and manage DevSecOps by utilizing Software Assurance Maturity Model (SAMM) to evaluate and improve the security of software development processes Follow security standards and frameworks, and implement best practices methodologies Work closely with product development teams to ensure secure coding practices are followed Educate customers, technical team, application developers about Emerging threat and vulnerability, application security to raise awareness and build a Security Champion program General Experience Requirement for the role: Having 8+ years of experience in the leading and managing Threat & Vulnerability competency, projects and customer engagements Having 6-8 years of core hands-on experience in fields of cyber-Security, security standards, best practices, vulnerability assessments, web application testing, network and mobile application assessment, and penetration testing 1-2 years of experience in enterprise security management, security products/solution integration/security operations, with good understanding of Network and system security concepts and standards, security best practices Experience building and leading and managing security teams with experience in Cyber security practices, AppSec, threat intelligence, vulnerability management, penetration testing, infrastructure security assessment Excellent Project Management, Service Management and customer handling skills Possess excellent written, presentation and verbal communication skills necessary for team coordination, helping partners, and service discussions along with organizational skills Good analytical skills with an ability to think outside the box to solve highly technical problems Ability to work effectively with clients, management, staff members, vendors, and consultants Good interpersonal skills to interact and collaborate with senior management stakeholders such as IT, Network and Security and CIO/ CTO/ business leadership teams Ability to work calmly with patience in high pressure situations in a dynamic environment Education and Certification preferred for the role: BTech/B.E. in CSE/IT/CSA/ECE MCA/ MTech/MS in CSE/IT/CSA/Electronics Any of the security certifications such as CEH, CHFI, ECSA, OSCP, GPEN, CISSP/CISM/CISA Technical Skills that are Key to this role: Strong background in Network/Infrastructure Vulnerability Assessment and Penetration Testing Good understanding of security vulnerabilities, OWASP Top 10 vulnerabilities, Enterprise security architecture, standards, relevant best practices and frameworks Extensive expertise in Web, API, Android Mobile Apps, and AWS/Azure Cloud Security, Experience with software penetration testing, architectural risk assessment, threat modeling, static code analysis and secure code review on WEB, API and Android mobile applications Web Application Penetration Testing: Strong experience in assessing web applications for security vulnerabilities using tools such as Burp Suite, OWASP ZAP, or similar. Mobile Application Penetration Testing: Proficiency in evaluating the security of mobile applications on Android platforms, including reverse engineering and code analysis. Cloud Security: In-depth knowledge of cloud security best practices, including experience with AWS/ Azure Cloud Platform, and the ability to configure security controls and monitor for cloud-based threats, with experience in AWS/Azure cloud security assessments. API Security: Expertise in assessing the security of APIs, including authentication, authorization, and data protection. Web Application and Mobile Apps security assessment in accordance with the OWASP standards. Vulnerability Assessment includes analysis of bugs in various applications on various domains by using both manual and Automation tools. Familiarity with security in DevOps and continuous integration/continuous deployment (CI/CD) pipelines. Experience of working on Windows and Linux with Good understanding of operating system internals (Windows, Linux and Mobile OS (Android) and app development (especially mobile) Should be familiar with common compliance requirements like GDPR, PCI-DSS, ISO 27001 Experience with mobile Open Web Application Security Project (OWASP) standards and testing checklist. Should be able to configure automated scanners (such as Login sequence, manually exploring critical flaws, Policy customization, scan throttling, etc) to perform successful scans. Assessment of scanner results and intelligently identifying false positives from the scan results. Flaws like, Authentication (session management) testing, CSRF, business logic testing which are not detected by an automated scanner must be identified using manual testing. Understanding of the workflow of the application and identifying the entry points to detect possible vulnerabilities.Hands-on experience with popular security tools NMAP, Nessus, Burp Suite, Nessus, Netsparker, Metasploit, OWASP ZAP. Familiar with Agile process and development tools (Jira, Confluence, Bitbucket, Git, Maven, Jenkins, etc

Conduct comprehensive penetration testing of networks, web applications, mobile applications, and other systems to identify security vulnerabilities. Perform vulnerability assessments and provide detailed recommendations for remediation. Knowledge of OT-ICS Security standards, including ISA/IEC 62443, NIST 800-82, NERC-CIP, MITRE ATT&CK etc. Strong knowledge of common security vulnerabilities, attack vectors, threat modelling and exploitation techniques. Proficiency in using penetration testing tools and frameworks such as Nessus, Burp Suite, Nmap, and other ethical hacking tools. Strong understanding of network protocols, network and application security architectures, and common vulnerabilities (e.g., OWASP Top Ten). Prepare detailed reports of findings, including risk analysis and recommended mitigations, and present these findings to stakeholders. Stay current with emerging security threats, vulnerabilities, and technology trends, and apply this knowledge to improve our security posture. Understanding of component/system architectures in IT and OT environments. Understanding and evaluation of security testing methods. Knowledge of typical industrial protocols (e.g., Modbus, Profinet, OPC, DNP3.0, CAN) Excellent communication skills, with the ability to clearly articulate technical findings and recommendations to both technical and non-technical audiences Source code review for control flow and security flaws IEC 62443 Standard plus at least one of: ISO/IEC 27001 IEC 61508 NIST CSF IEC 61162-460:2024 Proficient in developing VAPT documentation and methodologies specifically aligned with IEC 61162-460:2024 for maritime navigation and radiocommunication equipment cybersecurity. Automotive Vehicle Testing Support Skilled in providing cybersecurity testing support for automotive vehicles , including VAPT of ECUs and in-vehicle networks , threat modeling , and ensuring compliance with industry standards like ISO/SAE 21434. Roles and Responsibilities Min. one professional certification such as Certified Ethical Hacker (CEH), ISA/IEC 62443, OSCP or certified Penetration Tester preferred. Min 2–5 years of experience performing security testing on Industrial control system components like IOT devices, PLCs, SCADA, IIOT devices etc. Familiarity with operating systems (Windows, Linux) and their security features. Excellent problem-solving skills and the ability to think critically to identify and address security issues. Strong verbal and written communication skills, with the ability to document and present technical information to both technical and non-technical audiences. Perform and report on penetration testing of systems, including cloud, NIST 800-53 CA-8 security control and using methodologies that may include, NIST SP 800-115, IEC 62243, PTES, and Information Systems Security Assessment Framework (ISSAF). Develop and maintain up-to-date knowledge of security testing tools and techniques. Contribute to the development and maintenance of security testing methodologies and procedures. Team Collaboration and Training Collaborate with other members of the security team to develop and maintain security policies, procedures, and standards

As a Security Professional specializing in Red Team, you will be responsible for conducting assessments and simulations to identify vulnerabilities in the organization's security measures. Your primary skill set should include expertise in Red Team operations, with a focus on outsmarting and challenging existing security protocols. Additionally, proficiency in Web Vulnerability Assessment and Penetration Testing (VAPT) along with Mobile VAPT will be valuable secondary skills for this role. You should have a solid background in assessing web and mobile applications for potential security risks and implementing measures to enhance their overall security posture. Ideally, you should possess 3 to 6 years of relevant experience in the field of cybersecurity, with a proven track record of successful Red Team engagements and VAPT assessments. Your expertise will be crucial in ensuring the robustness of the organization's security infrastructure and safeguarding against potential cyber threats. This position is based in Mumbai, with a requirement for working from office (WFO) five days a week. Your presence on-site will facilitate collaboration with the team and enable real-time response to security incidents, ensuring proactive security measures are in place. Key skills for this role include Red Team operations, VAPT methodologies, and specifically Mobile VAPT techniques. Your ability to think like an adversary and anticipate potential security breaches will be essential in protecting the organization's digital assets effectively.,

Roles and Responsibilities can take corporate and classroom regular training batches of students and professionals Desired Candidate Profile CEHv12, NPT, WAPT, Linux, Cyber Security, Ethical Hacking Perks and Benefits 2 Lac to 6 Lacs

You should have practical and updated knowledge in recent concepts related to Information Security, VA/PT, Information Security Auditing, and Digital Forensics. You should be efficient in teaching, training, and offering consultancy services in the above areas. This is a Full-time, Permanent position with benefits such as commuter assistance and leave encashment. The work schedule is Monday to Friday with weekend availability required. The preferred education requirement is a Master's degree. You should have at least 1 year of experience in teaching, making lesson plans, and a total of 1 year of work experience. Proficiency in English is preferred. The work location is in person, and the expected start date is 01/10/2025.,

Job Title: Deputy Manager IS Audit Department: Information Systems Audit Location: Mumbai/Hyderabad Interview Date Reference: Candidate qualifications & certifications must be valid as of 30.06.2025 Basic Qualifications (As on 30.06.2025): Educational Qualification: B.E. / B.Tech. in Computer Science / Software Engineering / IT / Electronics or equivalent discipline Minimum 50% aggregate marks Degree must be from a Govt. of India recognized university / institution / board or one approved by a government regulatory body. Professional Certifications: Mandatory: CISA (Certified Information Systems Auditor) from ISACA, USA (Must be valid on the date of interview) Desirable: CEH (Certified Ethical Hacker) from EC-Council, USA Experience (Post-Education) (As on 30.06.2025): Essential: Minimum 4 years of work experience in BFSI / IT / Information Security Consultancy Out of which, 2 years must be in IS Audit / Cyber Security Audit / Information Security Consultancy Note: Training / Teaching experience will not be considered All claimed experience should be supported by employer-issued certificates Desired Technical Skills: Proficiency in Vulnerability Assessment & Penetration Testing (VAPT) tools such as: Nessus, Retina, SAINT, Kali Linux Key Responsibilities: Conduct Information Systems (IS), Cyber Security, and IS Concurrent Audits. Perform IT Outsourced Activities Audit in line with organizational and regulatory standards. Evaluate compliance with internal IS / IT / Cyber Security Policies, RBI & regulatory guidelines, and international best practices. Identify system vulnerabilities and support mitigation actions to enhance the Bank’s security posture. Execute Compliance, Migration, and Special audits as directed. Draft and maintain detailed audit synopsis reports and value statements as per policy and audit guidelines. Liaise with various auditee departments for evidence-based compliance and timely closure of audit observations. Regularly upgrade knowledge and share insights with the IS Audit team to build team capability. Key Result Areas (KRA): Timely and efficient conduct of all assigned Information System Audits. Ensuring prompt follow-ups for compliance reporting. Achieving timely audit report closure in line with internal timelines. Submitting accurate and regular audit status reports to senior management. Contributing to knowledge-sharing, mentoring, and skill development within the IS Audit team. Periodically reviewing and updating audit frameworks and checklists to reflect current regulatory and cyber trends

Job Title: Deputy Manager IS Audit Job Type: Permanent on the payrolls of the company. Department: Information Systems Audit Location: Mumbai/Hyderabad Interview Date Reference: Candidate qualifications & certifications must be valid as of 30.06.2025 Basic Qualifications (As on 30.06.2025): Educational Qualification: B.E. / B.Tech. in Computer Science / Software Engineering / IT / Electronics or equivalent discipline Minimum 50% aggregate marks Degree must be from a Govt. of India recognized university / institution / board or one approved by a government regulatory body. Professional Certifications: Mandatory: CISA (Certified Information Systems Auditor) from ISACA, USA (Must be valid on the date of interview) Desirable: CEH (Certified Ethical Hacker) from EC-Council, USA Experience (Post-Education) (As on 30.06.2025): Essential: Minimum 4 years of work experience in BFSI / IT / Information Security Consultancy Out of which, 2 years must be in IS Audit / Cyber Security Audit / Information Security Consultancy Note: Training / Teaching experience will not be considered All claimed experience should be supported by employer-issued certificates Desired Technical Skills: Proficiency in Vulnerability Assessment & Penetration Testing (VAPT) tools such as: Nessus, Retina, SAINT, Kali Linux Key Responsibilities: Conduct Information Systems (IS), Cyber Security, and IS Concurrent Audits. Perform IT Outsourced Activities Audit in line with organizational and regulatory standards. Evaluate compliance with internal IS / IT / Cyber Security Policies, RBI & regulatory guidelines, and international best practices. Identify system vulnerabilities and support mitigation actions to enhance the Banks security posture. Execute Compliance, Migration, and Special audits as directed. Draft and maintain detailed audit synopsis reports and value statements as per policy and audit guidelines. Liaise with various auditee departments for evidence-based compliance and timely closure of audit observations. Regularly upgrade knowledge and share insights with the IS Audit team to build team capability. Key Result Areas (KRA): Timely and efficient conduct of all assigned Information System Audits. Ensuring prompt follow-ups for compliance reporting. Achieving timely audit report closure in line with internal timelines. Submitting accurate and regular audit status reports to senior management. Contributing to knowledge-sharing, mentoring, and skill development within the IS Audit team. Periodically reviewing and updating audit frameworks and checklists to reflect current regulatory and cyber trends

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Experience with penetration testing tools (e.g. Burp) Extensive knowledge of attack payloads for discovering security vulnerabilities Plan, execute, and report on all testing activities and outcomes Create findings reports and communicate to stakeholders Must possess at least 5 years of experience in delivering VAPT in Web(Thin and Thick Client), Mobile and APIs Should have good and effective communication skills in English. (Oral and written) Technical and Professional Requirements: The successful candidate must be highly motivated, fast learner, flexible, willing to assume responsibility and deliver quality work on time Constantly identify opportunities for enhancing productivity using automation and process improvements. Exposure to scripting languages(e.g. Shell) Knowledge on DevSecOps Preferred Skills: Technology-Security Testing-Security Testing - ALL

About Us: Protectt.ai is Indias pioneering Mobile Threat Defense (MTD) platform focused on delivering cutting-edge solutions for mobile app, device, and transaction security. Our platforms advanced security technologies, including Runtime Application Self-Protection (RASP), enables in-app threat detection and real-time defense against sophisticated mobile attacks. We partner with Indias leading enterprises across Banking, Insurance, Finance, FinTech, and EdTech, helping secure their mobile ecosystems. Our platform is unparalleled in scale and innovationuniquely positioned through its comprehensive solution architecture and proprietary technology. Headquartered in Mumbai, with offices in Gurgaon and Chennai, we are rapidly expanding our global footprint with operations now in the Middle East and United States. We are proudly backed by Bessemer Venture Partners (BVP), a globally renowned venture capital firm investing in transformative technology companies and Bajaj Finance, one of Indias leading financial institutions committed to driving innovation in digital security Funding & Recognitions: Protectt.ai successfully closed its Series A funding round in January 2025, marking a significant milestone in our growth journey. Our innovations have earned multiple prestigious awards, including: • Security Product Company of the Year 2023 by Data Security Council of India (DSCI) • Cybersecurity Company of the Year 2023 by BWSECURITY • Innovative Security Product of the Year 2023 by BWSECURITY • DSCI Innovation Box Winner 2023 Role: Application Security Experience: 5+Years Job Location: Pune Qualification: B. E/ B. Tech/ M.E/ MTech/ MCA Requirements: • Proven experience in Mobile/Web application security testing, including both manual, automated techniques, VAPT, Secure Code Review. • Strong understanding of mobile platform architecture, security mechanisms, and common vulnerabilities. • Familiarity with mobile app development frameworks and languages (e.g., Swift, Kotlin, Java). • Experience with security testing tools such as Burp Suite, OWASP ZAP, MobSF, etc. • Excellent analytical and problem-solving skills. • Effective communication skills with the ability to clearly articulate technical findings recommendations. • Relevant certifications (e.g., OSCP, OSWE, CISSP, CEH) are a plus. Key Responsibilities: • Conduct comprehensive security assessments of mobile applications on various platforms (iOS, Android). • Perform offensive mobile application assessments. • Develop custom scripts and tools to assist in the testing process. • Analyze test results, prepare detailed reports, and provide recommendations for remediation. • Collaborate with development teams to integrate security best practices throughout the SDLC. • Stay updated on the latest security threats, vulnerabilities, and industry best practices. • Provide guidance and support to developers and other stakeholders on secure coding practices. • Perform manual and automated security testing to identify vulnerabilities such as OWASP Top 10, authentication flaws, authorization issues, insecure data storage, etc

Penetration testing and vulnerability assessment expertise – Active Directory, Cloud Security, Network Pentesting, Application Security Testing etc. Exploit development and advanced offensive security tactics – EDR Bypass Techniques etc.

Role & responsibilities The Web Accessibility Specialist is responsible for identifying issues through quality assurance testing and suggesting potential solutions for accessibility barriers based on the Web Content Accessibility Guidelines (WCAG) 2.1 or 2.0 Level A & AA standards, as well as compliance with the Americans with Disabilities Act (ADA) Section 508, and other accessibility related laws. Contributes to efforts aimed at delivering accessible websites, applications, and content by conducting quality. Job Description: • The candidate will be working as a Tester/QA and will be responsible for creating digital experiences that are inclusive and meet the needs of people with disabilities. The Accessibility Tester will advise the client/development team on how to make their digital content conform with accessibility standards and maximize the usability of users with disabilities. • The candidate will be performing accessibility evaluations of web pages, desktop applications, mobile apps, and other emerging platforms. • Basic knowledge of HTML / CSS / Javascript / AJAX / ARIA. • Knowledge of ADA/ Section 508/WCAG 2.0 & WCAG 2.1 compliance • Test the websites and applications using screen readers like JAWS, NVDA, Voice Over etc. Experience in using shortcuts and keystrokes for assistive technology. • Basic knowledge with and/or developing web content that achieves Priority 2 or Level AA conformance as prescribed by the W3C, (WCAG 2.0) while also complying with Section 504 of the Rehabilitation Act of 1973. • Strong analytical, communication, and team skills. Ability to communicate to a wide range of project stakeholders e.g. Executives, Managers, Designers, Developers, and Admin Preferred candidate profile Immediate joiner

Role & responsibilities: RBI, CSITE, NPCI, ISG, VAPT, Security Baseline, Patch Management, Various Audit remarks closure, Advisories and incidents, SOC incidents follow-up, ISO 27001 Compliance, DC Monthly notes preparation Required Skills: Security certifications like CISA & CISM & Compliance experience

Hi all, We are hiring for the role Information Security Architect Experience: 7 - 9 Years Location: Bangalore Notice Period: Immediate - 15 Days Budget: 20 LPA Only Skills: Information Security Architect -Bangalore Experience Required: 7 - 9 years Certifications: • Mandatory: CISSP (Certified Information Systems Security Professional) • Preferred/Added Advantage: AZ-500 (Microsoft Azure Security Technologies), CCSP (Certified Cloud Security Professiona Must-Have Skills CISSP Certification (Mandatory) Experience in secure architecture, threat modeling, and SD Elements Deep knowledge in application security, cloud (preferably Azure), and secure DevOps Familiar with frameworks like TOGAF, SABSA, NIST Strong collaboration and communication skills Experience using SD Elements for security requirements and issue tracking is mandatory. • Proficient in architecture frameworks such as TOGAF, SABSA, or NIST. • Good knowledge of cloud security (preferably Azure) and secure DevOps practices Good to Have Certifications: AZ-500, CCSP Tools: ThreatModeler, Microsoft Defender Frameworks: OWASP Top 10, MITRE ATT&CK If you are interested drop yor resume at mojesh.p@acesoftlabs.com Call: 9701971793

Job Title: IT Team Lead Experience: Min. 10+ Years Key Responsibilities: 1. Lead and manage end-to-end Vulnerability Assessment & Penetration Testing (VAPT) activities for applications, networks, systems, APIs, and cloud infrastructure. 2. Review and validate third-party VAPT reports, SOC reports and guide business units on remediation. 3. Stay up to date with the latest security threats, vulnerabilities, and expertise in usage of security tools(Like Nessus, Burp suite, Kali Linux etc) and techniques. 4. A high-level appreciation of security architecture & infrastructure. 5. Perform deep-dive cloud security assessments in AWS, Azure, or GCP environments. 6. Maintain centralized trackers, dashboards, and reports for: a) Vulnerability status and lifecycle b) SLA compliance c) Remediation progress d) Risk severity and exceptions 7. Ensure cloud applications follow secure development practices and conduct threat modelling when required. 8. Prepare and present regular status updates, executive summaries, and risk reports to senior leadership. 9. Validate vulnerability fixes through re-testing and update trackers accordingly. 10. Keep documentation of all VAPT activities and manage audit/compliance requests related to security testing. Qualification and Skills requirement: 1. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. 2. 1012 years of experience in VAPT and cloud application security, with at least 34 years in a lead role. 3. Expertise in cloud platforms (AWS/Azure/GCP) and cloud-native security controls. 4. Strong hands-on experience with tools such as Burp Suite, Nmap, Metasploit, Nessus, OWASP ZAP, Nikto , etc. 5. Excellent analytical, problem-solving, and communication skills. Preferred Certifications (Any of the following): 1. OSCP / OSCE / GPEN / GWAPT 2. Certified Ethical Hacker (CEH) 3. AWS Certified Security Specialty / Azure Security Engineer / GCP Professional Cloud Security Engineer How to Apply: Interested candidates are invited to submit their resume and cover letter to [Pallavi.kulkarni@anbglobal.com]. Please include Consultant- Information Security" in the subject line. Equal Opportunity Employer: ANB is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. For more information about our company and culture, visit www.anbglobal.com

Dear Candidate, We are hiring a Security Engineer to design and implement security measures that protect IT systems, data, and networks against threats and breaches. Key Responsibilities: Design and deploy security solutions such as firewalls, IDS/IPS, and endpoint protection. Conduct vulnerability assessments, penetration tests, and threat modeling. Monitor systems for security incidents and respond promptly. Ensure compliance with security standards (ISO 27001, NIST, etc.). Collaborate with DevOps and IT teams to embed security best practices. Required Skills & Qualifications: Proficiency in security tools (Nessus, Metasploit, Splunk, Wireshark). Strong understanding of network and application security. Knowledge of cloud security (AWS, Azure, GCP). Experience with encryption, IAM, and incident response. Security certifications preferred (CISSP, CEH, OSCP). Soft Skills: Strong troubleshooting and problem-solving skills. Ability to work independently and in a team. Excellent communication and documentation skills. Note: If interested, please share your updated resume and preferred time for a discussion. If shortlisted, our HR team will contact you. Srinivasa Reddy Kandi Delivery Manager Integra Technologies

We are looking for a highly skilled and experienced Cyber Security Manager to join our team at Uniqus Consultech. Roles and Responsibility Develop and implement comprehensive cyber security strategies to protect against threats and vulnerabilities. Conduct risk assessments and penetration testing to identify potential security risks. Collaborate with cross-functional teams to ensure compliance with security standards and regulations. Design and implement secure network architectures and systems. Provide training and awareness programs on cyber security best practices. Stay up-to-date with emerging trends and technologies in cyber security. Job Requirements Strong understanding of cyber security principles and frameworks. Experience with security information and event management (SIEM) systems. Knowledge of threat intelligence and incident response methodologies. Familiarity with compliance frameworks such as HIPAA or PCI-DSS. Excellent communication and collaboration skills. Ability to work in a fast-paced environment and adapt to changing priorities.

Urgent Hiring ... Information Security Analyst Chennai 5-8 yrs Immediate to 30 days Skills- VAPT, Application Security, Vulnerability assessment, penetration Testing, web application testing, Mobile Testing, API Testing, Kali Linux, Burp suite.

JTSi Technologies India is looking for Application Security Engineer to join our dynamic team and embark on a rewarding career journey Analyzing customer needs to determine appropriate solutions for complex technical issues Creating technical diagrams, flowcharts, formulas, and other written documentation to support projects Providing guidance to junior engineers on projects within their areas of expertise Conducting research on new technologies and products in order to recommend improvements to current processes Developing designs for new products or systems based on customer specifications Researching existing technologies to determine how they could be applied in new ways to solve problems Reviewing existing products or concepts to ensure compliance with industry standards, regulations, and company policies Preparing proposals for new projects, identifying potential problems, and proposing solutions Estimating costs and scheduling requirements for projects and evaluating results

Your Role Evaluate software/product architecture to ensure security is embedded at the design phase. Develop cybersecurity artifacts such as threat models and lead mitigation discussions. Support engineering teams in triaging and resolving identified product vulnerabilities. Coordinate internal and external security and privacy assessments, including VAPT. Assist in formulating and implementing product security and privacy policies, standards, and procedures. Ensure compliance with defined security and privacy requirements and verify effectiveness of protection measures. Guide resolution of security audit findings and ensure timely closure. Provide strategic security risk management and advisory support for product and information security. Participate in incident response and assess risk and impact of security breaches. Review engineering changes, new services, and feature requests for security implications. Collaborate with tech leads and architects to ensure secure product development. Promote a culture of security awareness and continuous improvement across teams. Your Profile Strong experience in application, mobile, network, OS, and cloud security (experience range 7 to 15 years). Proficiency in AWS security, including AWS Solution Architect Associate and Security Specialty certifications. Hands-on expertise in static/dynamic code analysis, container security, and Kubernetes. Familiarity with security frameworks and standards like NIST 800-53, CIS/STIG, HI-TRUST, and SOC2. Knowledge of cryptography, PKI, OAUTH, 2FA, and secure software development lifecycle (SDLC).

Job Summary: We are seeking a skilled VAPT (Vulnerability Assessment and Penetration Testing) Analyst to join our team. In this role, you will be responsible for conducting comprehensive security assessments, including network penetration testing, black box testing, and vulnerability assessments. You will be working directly with our client while being employed under our payroll, ensuring a seamless and secure IT environment. Your expertise in IT project management and IT security will be crucial in managing and executing these security projects effectively. Major Objectives of the Job: Conduct network penetration testing to identify and exploit vulnerabilities. Perform black box testing to assess system security from an external perspective. Carry out thorough vulnerability assessments to pinpoint potential security threats. Operate as a penetration tester to ensure the robustness of security measures. Skills & Qualifications: Live PT Projects Handling Experience : Demonstrated ability to handle live penetration testing projects independently and efficiently. IT Project Management : Basic knowledge of IT project management principles. Experience with project management tools and methodologies to plan, execute, and oversee IT security projects. IT Infrastructure and Security Knowledge : Solid understanding of IT infrastructure components and security principles. Familiarity with network architecture, protocols, and security measures. Experience in Handling IT Security Projects : Proven experience in managing IT security projects from inception to completion, ensuring all security requirements are met and risks are mitigated. Key Responsibilities: Perform network penetration testing and black box testing to identify security vulnerabilities. Develop and implement testing strategies, methodologies, and tools to ensure comprehensive security assessments. Document and report findings, providing actionable recommendations to improve security posture. Collaborate with IT and security teams to address vulnerabilities and enhance overall network Stay up-to-date with the latest security trends, tools, and techniques to continuously improve testing Manage multiple IT security projects simultaneously, ensuring timely and successful completion. Desired Qualifications: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications such as CEH (Certified Ethical Hacker), OSCP (Offensive Security Certified Professional), or CISSP (Certified Information Systems Security Professional) are a plus. Strong analytical and problem-solving skills. Excellent communication skills, both written and verbal. Ability to work independently and as part of a team.