120 Vapt Jobs

Skill required: Tech for Operations - Security Governance Designation: Security Delivery Associate Manager Qualifications: BE/Master of Engineering Years of Experience: 10 to 14 years About Accenture Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Technology and Operations services, and Accenture Song all powered by the worlds largest network of Advanced Technology and Intelligent Operations centers. Our 699,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. Visit us at www.accenture.com What would you do You will be part of the Technology for Operations team that acts as a trusted advisor and partner to Accenture Operations. The team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. We work closely with the sales, offering and delivery teams to identify and build innovative solutions.The Tech For Operations (TFO) team provides innovative and secure technologies to help clients build an intelligent operating model, driving exceptional results. Works closely with the sales, offering and delivery teams to identify and build innovative solutions. Major sub deals include AHO(Application Hosting Operations), ISMT (Infrastructure Management), Intelligent AutomationA process of establishing and maintaining a security governance framework. Support management structure and processes to provide assurance that information security strategies are aligned with and support business objectives are consistent with applicable laws and regulations through adherence to policies and internal controls, and provide assignment of responsibility, metrics, reporting all in an effort to manage the risk and compliance requirements. What are we looking for Commitment to qualityExperience in research and developmentNegotiation skillsProblem-solving skillsRisk managementThe role demands Indepth knowledge in application security area. Candidate should have hands on experience in SAST, DAST, Penetration testing. DevSecOps and Software composition analysis are other areas where the candidate should have experience in.The role also demands capability of scripting using Python and other related required knowledge of database and networking.Certifications like CISSP, CCSP, CISM, CEH, ECSA etc. will be added advantage. Roles and Responsibilities: In this role you are required to do analysis and solving of moderately complex problems Typically creates new solutions, leveraging and, where needed, adapting existing methods and procedures The person requires understanding of the strategic direction set by senior management as it relates to team goals Primary upward interaction is with direct supervisor or team leads Generally interacts with peers and/or management levels at a client and/or within Accenture The person should require minimal guidance when determining methods and procedures on new assignments Decisions often impact the team in which they reside and occasionally impact other teams Individual would manage medium-small sized teams and/or work efforts (if in an individual contributor role) at a client or within Accenture Please note that this role may require you to work in rotational shifts Qualification BE,Master of Engineering

Job Description: Basic Knowledge on: SIEM Incident Monitoring / Analysis Networking Information Security VAPT / PT Identifying & Reporting incidents & tracking to closure Desired Candidate Profile B.E/B.Tech in IT/CS/Cyber Security or PG degree in Information Security (2024 & 2025 passed outs) Should have cleared 10th & 12th Standard in first appearance Should have completed any certification related to Networking/Information Security. Shortlisted candidates should be ready to sign a service agreement for 2years Note: CEH Certified or any global certification related to cyber security is required.

Cyber & Information Security team is seeking a Third-Party Security Analyst. Reporting to the Director of Cyber & Information Security, the analyst will perform third-party security assessments. You will work with a team of professional Security Analysts leveraging Next Gen security tools to perform the full lifecycle of third-party reviews from onboarding to real-time monitoring of vendors and suppliers. Responsibilities, Functions and Duties : - Conduct technical security assessments of third-party vendors, suppliers and partners by reviewing their security controls, adherence to regulations, compliance and contracts. - Analyze third-party security assessment findings and document security risks within the management software for tracking of risk reporting. - Coordinate with various stakeholders to verify and remediate security risk findings. - Develop KRIs and KPIs around third-party risk assessments and the remediation of key findings. - Develop, Update, and Publish Policies and Standard Operating Procedures for third-party risk management. - Continuously monitor for active vulnerabilities and cyber events against our vendors and suppliers. - Participate in third-party cyber incident response by reaching out to impacted vendors and tracking remediation. - Be an ambassador for Cyber & Information Security within Crum & Forster. Requirements Knowledge and Requirements : - Previous experience performing technical security audits or third-party assessments. - Understanding of current Cyber Vulnerabilities & threats. - Knowledge of security assessments (SOC reports, ISO/NIST, vulnerability and pen testing assessments). - Fundamental understanding of system and network security principles and technology. - Ability to interface with a wide audience of technical and non-technical personnel. Cyber 3rd Party Risk Analyst - Ability to prioritize and manage workloads and deadlines. - Excellent written and verbal communication skills. - Self-starter who is motivated and driven to learn. - Bachelors degree in a technical discipline or equivalent experience Preferred Qualifications : - Prior experience and/or certifications in AWS, Azure, and/or GCP. - Experience in performing third-party assessments of SaaS providers and vendors operating in cloud environments. - Experience performing risk assessments. - Any Security focused Certifications. - 3-5 year Cybersecurity related experience.

Flutter JD 5+ years: Responsibilities: Develop high-quality, responsive mobile applications using Flutter for Android and iOS. Translate UI/UX designs into clean, efficient Flutter code. Integrate with RESTful APIs, WebSockets, Firebase, or GraphQL backends. Write unit, widget, and integration tests to ensure app stability. Deploy apps to Google Play Store and Apple App Store. Handle push notifications, deep linking, in-app purchases, and third-party integrations. Skills: Strong experience in Flutter & Dart . Bypassing Non-SSL Pinning for VAPT DE fluttering concepts for VAPT Solid understanding of Android (Java/Kotlin) and iOS (Swift/Objective-C) development principles. Familiarity with native integration via platform channels . Proficiency in using Git , CI/CD tools (Fastlane, Codemagic, GitHub Actions, etc.). Experience with Firebase , local storage (Hive, SQFlite) , and secure storage . Strong grasp of app lifecycle, state management, and architecture (MVVM, Clean Architecture). Understanding of publishing process for both Play Store and App Store. Knowledge of performance profiling , memory management, and responsive UI . Experience working with Agile/Scrum methodologies.

Seeking a skilled Vendor Assessment and Penetration Tester to join our Cyber Security team. The individual in this role will be responsible for evaluating the overall security posture of third-party vendors, conducting penetration tests on external systems, applications, and services, and ensuring compliance with security standards KEY RESPONSIBILITIES 1. Representative from Security across the organization for performing Risk Assessments for any new projects from IT/Infrastructure/Security point of view. 2. Work with the AppSec team for the Vulnerability Assessment and Penetration Testing on Web Applications, APIs, Mobile Apps and Cloud Environment. Also ensure Application Source Code is scanned as per Security Best Practices. 3. Work along with the Server & Application team for Vulnerability & Configuration Assessment, Firewall Rule Review and Baseline Standards review. 4. Work Along with endpoint and server team for Freeware and License Softwares/applications assessment and installation. 5. Collaborate with the Development Team, IT and Business Stakeholders for tracking, remediation of the open issues and bring to closure. 6. Ensure adherence to Compliance Standards such as ISO 27001, NIST, OWASP, etc. 7. Provide technical guidance and mentor ship to VAPT team. 8. Review the Security Assessment Reports, escalate and follow up with stakeholders for mitigation. 9. Understand the organizations infrastructure and perform deep dive analysis of the processes, tools & technologies and identify the associated risks. 10. Document the risks and associated controls in place (risk register). 11. Knowledge on Attack Surface Management, Breach Attack Simulation & Bitsight Monitoring. 12. Knowledge of WAF with OWASP Top 10 vulnerabilities and Virtual Patching for reducing the Risk Exposure. 13. Hands on experience on Security Tools such as Tenable Security SC, Nessus, Qualys VMDR etc. 14. Assist in other BAU activities based on the feasibility. 15. Manage Vendor Relationship and security assessments for third party applications. 16. Stay updated with emergency cybersecurity threats, exploits and security trends to enhance the security posture. MANDATORY SKILLS REQUIRED 1. Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent experience). 2. Proven experience in performing penetration tests and security assessments, with a strong understanding of common attack vectors. 3. Strong knowledge of web application security, network security, and common vulnerabilities (e.g., OWASP Top 10). 4. Hands-on experience with penetration testing tools (e.g., Burp Suite, Kali Linux, Metasploit, Nmap, etc.). 5. Familiarity with risk management frameworks (e.g., NIST, ISO 27001, CIS). 6. Familiar with Web Application Firewall, Incident troubleshooting and Virtual Patching. 7. Knowledge of vendor risk management processes and frameworks. 8. Understanding of cloud security, network infrastructure, and security compliance regulations. 9. Ability to analyze complex security issues and clearly communicate them to non-technical stakeholders. 10. Certifications such as OSCP, CEH, CISSP, or similar are a plus.

Securze is hiring Security Analysts (L2/L3) in Mumbai with 3+ yrs experience in pentesting, red/blue teaming, AD attacks, and network security. Hybrid role. Must be technically strong, confident, and eager to learn. Immediate joiners only.

Job Summary Assist in implementing, maintaining and testing SOX controls supporting the Application Managers for custom applications and 3rd party Applications, support internal and external audits, and identify potential SOX compliance risks. Key Responsibilities: Pre-Implementation Quality CheckConduct a thorough review of controls design and implementation before product/functional go-live, based on evidence submitted by engineering and application management teams. SOX ITGC and Automated Controls EvaluationTest and evaluate the effectiveness of SOX IT General Controls (ITGC) and automated controls using audit checklists prepared by the Controls team to: Maintain SOX controls for internal and third-party products Support internal and external audits related to SOX compliance Control Testing DocumentationDocument control testing procedures and findings in a clear and concise manner. Control Deficiency Identification and ReportingIdentify and report any control deficiencies or weaknesses to ensure prompt remediation. SOX Compliance ReportingPrepare comprehensive reports and documentation for SOX compliance activities, including testing results and control evaluations. Cross-Functional CollaborationCollaborate with cross-functional teams to ensure the thoroughness and accuracy of controls implementation and testing. Educational Qualifications: Bachelor's degree in engineering, finance, or a related field CIA, CISA or CISSP certification Experience: 5-7 years of experience in SOX compliance testing, internal controls, or auditing Knowledge: Strong understanding of SOX regulations, internal controls, and accounting principles. Familiarity with auditing Oracle, Workday and/or Salesforce suite of applications. Skills: Strong analytical and problem-solving skills Excellent communication and interpersonal skills Ability to work independently and as part of a team CertificationCISA preferred Deliver No. Performance Parameter Measure 1. Customer centricity Timely security breach solutioning to end users, Internal stakeholders & external customers experience 2. Process Adherence Adherence to SLAs (90-95%), response time and resolution time TAT Mandatory Skills: GRC Consulting. Experience5-8 Years.

We are looking for candidates who have a zeal for technology and innovation. TheSelected candidates will be a part of any of the below Business Units. 1.Cyber Security Operations 2. CyberSecurity Engineering/ GRC EligibilityCriteria University degree in the field ofengineering and technology stream such as BE/ BTech/MTech/MSc/MCA preferablyspecialisation in Cyber Security, Computer Engineering, IT or EXTC Pass out: 2025 BatchONLY 10th & 12th 65 % & above Work Mode : Work From Office (5 Days) Experience/Knowledge: Fundamental knowledge in InformationTechnology Infra and Cyber Security Knowledge of Risk analysis , identification,resolution and management Awareness on Data security/privacy analysisand related practices Knowledge of Computer hardware / software /programming Networking and System/DatabaseAdministration knowledge Network Security Control knowledge asFirewall, Proxy, LB ,WAF etc. New Infra security project deploymentskills and excellent verbal and written communication skills Basic knowledge, VPN , VAPT , AD , SOC , DLP , Antivirus , Mail Gateway ,NAC etc Basic knowledge of Application & APISecurity best practices and standards including OWASP top 10, OSSTMM, SANS Top25, Attacks, Malware etc Basic knowledge about Information Security,network security, Data security, risk assessment and governance requirements. Understanding of secure coding practicesand application security Understanding of the IS and Cyber securityAudit Framework Excellent analytical skills Excellent English written and verbalcommunication. Good at public speaking and stakeholder management Responsibilities Cyber Security Operations Monitoring and protecting ITinfrastructure, edge devices, networks, and data. Responsible for preventing data breachesand monitoring and reacting to attacks. Supporting day-to-day support Tasks Cyber Security Engineering/GRC Basic documentation for Infra securityservices. Documentation of SOP, Product review. Perform Security configuration review &Hardening using CIS benchmarks. Define hardening documents for Firewalls,Load balancers, WAF, IPS/IDS, NTA etc Provide security compliance report tomanagement on periodic basis for Infrastructure landscape. Analysis and evaluation of openvulnerability within IT Infrastructure Responsible for deploying, tuning, andmaintaining security policies and enhancements on the web application firewall,Load balancer and infra devices.

We are looking for someone who has good hands on experience in VAPT. This role is with one of the government department of Maharashtra. Education: B.E/B. Tech / M.Sc. (Comp. Sci) / MCA / MBA/ M. Tech degree or equivalent. Should be a certified auditor. 6 or more years of overall experience with at least 6 years of relevant experience in Vulnerability Analysis, Penetration Testing and/or forensics. Must have experience in managing at least 3 projects for large, enterprise scale Clients. should have at least two industry certifications as mentioned below: 1. Licensed Penetration Tester (LPT) 2. Certified Penetration Testing Professional (CPENT) 3. Certified Expert Penetration Tester (CEPT) 4. GIAC Penetration Tester (GPEN) 5. CompTIA PenTest+ 6. Certified Ethical Hacker (CEH) 7. Certified Mobile and Web App Penetration Tester (CMWAPT) 8. Computer Hacking Forensic Investigator (CHFI) 9. Certified Information System Auditor (CISA) 10. Certified Information Security Manager (CISM) 11. Other acceptable industry related certification in VAPT. 12. OSCP

Roles and Responsibilities: VAPT: Assisting with Vulnerability Assessment and Penetration Testing of: Web Applications Mobile Applications APIs Network Infrastructure 2. ISMS/GRC : Assisting with tasks related to: ISO 27001 Governance, Risk, and Compliance (GRC) activities Eligibility Requirements: Status: Currently pursuing final year of B.Tech OR B.Tech Graduate Branch: Computer Science Engineering, Information Technology, Artificial Intelligence, or Cyber Security Communication: Excellent Communication Skills (preferably from ICSE board)

Job Title: VAPT Engineer (Bug Bounty Experience Preferred) Location: Ahmedabad, Gujarat (Only candidates from Ahmedabad will be considered) Job Description: We are seeking a passionate and skilled VAPT Engineer with a strong background in Bug Bounty programs and application security. The ideal candidate should be based in Ahmedabad and ready to contribute to our growing cybersecurity team. Key Responsibilities: Conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, mobile apps, APIs, and networks. Identify and exploit vulnerabilities, especially business logic flaws, using manual and automated tools. Actively contribute to bug bounty programs and utilize the same methodology in internal assessments. Analyze scan results, identify false positives, and provide accurate risk ratings. Prepare comprehensive technical reports , document findings, and suggest remediation measures. Collaborate with development and infrastructure teams for patch management and fixing identified vulnerabilities. Follow and apply security standards such as OWASP Top 10 , SANS , and industry best practices . Required Candidate Profile: Education: B.Tech / B.E. / BCA / BSc in Computer Science or Information Technology. Experience: Fresh graduates or up to 1 year of hands-on experience in VAPT or Bug Bounty (professional or personal). Practical exposure to bug bounty platforms like HackerOne , Bugcrowd , or similar. Certifications: OSCP or equivalent (preferred).

Essential Services : Role & Location fungibility At ICICI Bank, we believe in serving our customers beyond our role definition, product boundaries, and domain limitations through our philosophy of customer 360-degree. In essence, this captures our belief in serving the entire banking needs of our customers as One Bank, One Team . To achieve this, employees at ICICI Bank are expected to be role and location-fungible with the understanding that Banking is an essential service . The role descriptions give you an overview of the responsibilities, it is only directional and guiding in nature. About the role As a Lead Information Security Resiliency and Vulnerability Assessment & Penetration Testing Manager, you will be responsible for defining the scope for annual Vulnerability Assessment & Penetration Testing (VAPT) activity and handling end-to-end third party VAPT assessment activity. The selected applicant, would be accountable for managing organizations cyber resiliency and for implementing cyber resilience goals. Key Responsibilities Business Understanding Understanding/Knowledge of information security domains, risks, mitigation and overall management. Experience and knowledge of servers, networks, security devices etc. Collaborate Interaction with various stakeholders/teams on daily basis. Ability to communicate effectively with Heads of various teams. Proactively coordinating with different teams for tracking and closure of open observations and escalating when necessary. Vendor Management Facilitating the vendor with requirements for carrying out the VAPT assessment. Vendor selection, evaluation and finalization for the annual Vulnerability Assessment & Penetration Testing (VAPT) activity. Candidate should review the draft reports shared by vendors and suggest if any changes required, Validation of final reports. Timely communication of final reports to relevant stakeholders. Qualifications & Skills Educational Qualification Engineering Graduate in CS, IT, EC or InfoSec, CyberSec or MCA equivalent. Certifications ISO27001, CISSP, CISM Compliance Candidate should validate the security controls deployed across DC, DR, NDR and COLO environment and prepare the quarterly resiliency report to share with senior management. Synergize with Team Ability to work collaboratively with different teams for closure of activities. Strong analytical and problem-solving skills. Experience in the banking domain will add an advantage. Strong understanding and hands-on experience of VAPT activity and Information Security resiliency. Communication skills Excellent communication and interpersonal skills.

Job Title: Lead SME Cybersecurity and Infosec Location: Pune About Zygal - Zygal is built on a decade of product development and manufacturing expertise, where innovation is at our core. From the outset, we recognized the limitations of conventional cameras in securing premises. Our relentless pursuit of an unparalleled security and surveillance ecosystem has positioned us at the forefront of AIoT innovation, driven by AI and Robotic Process Automation (RPA). We aspire to establish Zygal as a global brand in B2B security surveillance, leveraging our SaaS model to power our solutions. We have earned the trust of industry giants in critical sectors such as BFSI, retail, logistics, and supply chain management, serving over 25,000 locations nationwide. Our cloud- based AIoT ecosystem currently manages a vast network of over 3.5 million connected devices, processing more than 1.2 billion alerts annually to meet the ever-evolving demands of security and surveillance. Duties and Responsibilities 1. Discover and Mitigate Cyber Risks and exploitable vulnerabilities on the internet facing apps/assets 2. Conduct Regular Vulnerability Assessment and Penetration Testing of the applications 3. Experience with latest technologies and security standards such as OWASP, CVSS, Mitre etc. 4. Mobile App Reversing and pen testing as Android and iOS applications security standards 5. Familiarity with malicious code identification and common hacker attack techniques 6. Conduct regular Secure Code and Architecture Review, SAST and DAST 7. Latest technology security- API, Microservices, RPA, IOT etc. 8. Ethical Hacking and Red Teaming Activity (Addon preferred) 9. Assess Third Party Partner vulnerabilities and security risk 10. Remediations, Closures Tracking, Reporting and Management of all Cyber Risks 11. Engage with technology Teams and partners and business units to resolve identified vulnerabilities within acceptable timelines 12. Design and deliver actionable Information Security dashboards and scorecards 13. Work with partners in carrying out comprehensive VAPT assessment 14. Advanced understanding with working experience collecting and tracking threat intelligence 15. Experience working with tracking, communicating, and prioritizing vulnerabilities and cyber threats to an enterprise-wide organization Required Qualifications and Experience 1. Engineering / Computer Graduate with 3-5 years of Information / Cyber Security Experience 2. Relevant Security Certifications like CEH, CPENT, PNPT, EJPT, EWPT, OSCP etc. preferred 3. Prior experience of Security Testing, OWASP Top 10 and application security 4. Prior experience of Penetration Testing Web Application, Mobile Applications and API Security testing 5. Sound in latest application technologies and network attacks execution 6. Good Written and Verbal Communication with Presentation Skills Good Team Player and sound in stakeholder management 8. Threat Modelling, Cloud Security and WAF basics clarity 9. DevOps / DevSecOps and Source Code security review experience is added boon 10. Well versed with related tools and techniques of all the above Role: Lead SME - Cyber Security Department: IT & Information Security Employment Type: Full Time, Permanent Role Category: IT Security Experience: 5 to 8 Years Education

We are looking for a Senior Linux Support Specialist to take full ownership of hybrid infrastructure environments hosted across AWS, Azure, and On-Premises setups. The ideal candidate will play a critical role in ensuring system stability, security, and performance while driving automation and standardization across 100s of Linux servers. This is a hands-on technical role requiring deep expertise in Linux, security hardening (CIS benchmarks), vulnerability remediation, and automation of infrastructure tasks. Key Responsibilities: Linux Server Management & Operations Manage, monitor, and support large-scale Linux environments (RHEL, CentOS, Ubuntu, etc.) Perform OS upgrades, patching, and package management across hundreds of servers Troubleshoot and resolve advanced Linux system issues (performance, kernel, services, etc.) Security Hardening & Compliance Implement and maintain CIS hardening standards across all Linux servers Remediate VAPT (Vulnerability Assessment and Penetration Testing) and CIS benchmark findings Develop automation scripts/tools to roll out security configurations across the fleet Work closely with the security team to ensure system compliance with industry best practices Automation & Configuration Management Automate OS hardening, patch management, and system provisioning using tools like Ansible, Bash, Python, or Terraform Create and maintain playbooks and scripts for repeatable tasks Streamline deployments and configuration drifts across cloud and on-prem environments Cloud & On-Premise Support Support hybrid environments on AWS, Azure, and On-Prem Assist in provisioning, scaling, and securing cloud-based Linux workloads Monitor platform uptime, availability, and performance metrics Cost & Resource Optimization Collaborate with DevOps/cloud teams to optimize cloud usage and reduce infrastructure costs Implement monitoring and alerting to proactively identify performance or cost anomalies Skills & Qualifications: Must-Have Skills: 3+ years of hands-on experience with Linux system administration Deep understanding of CIS benchmarks and security hardening techniques Strong scripting skills (Bash, Python, etc.) Proven experience with Ansible or similar configuration management tools Solid knowledge of AWS and Azure Linux instances and best practices Experience in managing vulnerability remediation and patch management Familiarity with VAPT assessments , security tools, and remediation workflows Good to Have: Experience with container technologies (Docker, Kubernetes) Infrastructure as Code (Terraform, CloudFormation) Monitoring tools (Prometheus, Nagios, CloudWatch, etc.) Certification in RHCE, AWS SysOps, Azure Administrator, or related areas

Role & responsibilities Main Priorities: Plan and execute VA/PT projects across digital assets. Identify, assess, and report vulnerabilities and risks. Collaborate with IT and development teams for remediation. Ensure compliance with cybersecurity standards (ISO 27001, NIST, GDPR). Provide regular updates and final reports to stakeholders. Drive continuous improvement in VA/PT processes. Preferred candidate profile Strong understanding of VA/PT methodologies and tools (e.g., Nessus, Metasploit, Burp Suite). Familiarity with operating systems, network protocols, and security frameworks. Knowledge of ISO 27001, NIST, GDPR compliance. Strong project management and documentation skills. Excellent communication, leadership, and problem-solving abilities.

Role: Technology Analyst - IT Services(Cyber Security) Location-PUNE Experience-6+Years Notice Period-Immediate Joiners Education-BE/BTECH Scripting experience Must have worked on security products like firewall, AV, Patch, VAPT, Qualys etc. Java, Python, firewell, scripting coding, power Shell scripting. Certification like basic MS, Linux or CCNA types ensuring basic should be clear. Experience of at least 5+ years Expertise in cloud security testing & validation Scripting experience like Python, PowerShell bash etc Team Management and Leadership Cybersecurity Expertise Vulnerability Assessment & remediation Penetration Testing IT Risk Management, Security Compliance & Governance. Exposure to the tools like Qualys, Nessus, Workspace one Regards, Infosys Recruitment Team

Role & responsibilities Responsibilities: • Escalate validated and confirmed incidents to designated SOC Lead/ Incidents response team. • Security Event Correlation as received from L2 SOC or Incident Response staff or relevant sources to determine increased risk to the business. • Indepth knowledge on multiple SIEM platforms like Securonix, IBM QRadar, LogRhythm, Arcsight, FortiSIEM , Microsoft Sentinel, and others • Support the SOC Manager in his duties (e.g. extension of SOC services) • Update Security Operations reporting • Triage security events and incidents, detect anomalies, and report/direct remediation actions. • Development and execution of SOC procedures • Should have indepth knowledge of Firewall, EDR, IDS/ IPS, VPN, Cloud Security • Should have hands on Experience in Threat Hunting. • Should have good hands-on experience in VAPT. • Should have good knowledge in integrating TI feeds and Third-Party tools. • Should have knowledge in Building SIEM platform with SOAR, NBAD, UEBA Integration. • Should have hands on experience in developing Use case and Parser Creation. • Should have knowledge in Breach simulation attack. • Sound knowledge in Unix, Linux, Windows, and security devices like firewall, etc. • Preparation of RCA, Preparation of runbook and Training to L2 and L1 team. Qualification: B.E./B.Tech/MCA Certification CEH, ECIH, CISSP, CISM, GCIH, GCFA, Certified Threat Hunter, SIEM certifications for platforms like (Qradar, LogRhythm etc) Work experience: 8 + Years NOTE : Work location will be Mumbai Andheri Seepz, and this is permanent Work from Office role NO HYBRID Option

What Youll Do Drive international B2B sales across North America, Europe, and APAC marketsSell a wide suite of cybersecurity services, including: Information Security Compliance (ISO 27001, ISO 13485) Data Protection (GDPR, HIPAA, HITRUST) Vulnerability Assessments & Penetration Testing (VAPT)Threat Detection & ResponseCloud Infrastructure & Security Services Manage the entire sales cycle: prospecting, solutioning, pitching, negotiation, and closureBuild and maintain CXO-level relationships with decision-makersCollaborate with technical consultants to tailor solutions for client pain pointsMonitor emerging cyber threats and evolving compliance mandates to create relevant value propositions Who You Are 8–12 years of proven experience in international sales for IT or cybersecurity servicesHands-on experience in end-to-end solution selling with high-value deal closuresDeep understanding of cybersecurity frameworks, data protection regulations, and compliance standardsStrong communication, negotiation, and consultative selling skillsBased in or willing to relocate to Ahmedabad for a full-time office roleSelf-driven, strategic, and performance-focused with a flair for storytelling Why Join Us? Niche focus on cybersecurity for regulated industries Agile, innovation-driven work culture backed by Communication Crafts Direct access to leadership and opportunity to shape global growth Attractive performance incentives & career growth roadmap Apply for this job sharer with someone awesome VI

Who we think will be a great fit. A passion for information security with a hacker mindset! Self-motivation and Proactiveness Communication skills What we need... We want people with preferably two or more, of the following: 1. Web Application Security Testing. Knowledge about BURP Suite, manual and automated SQLi Bypass filters that detect SQLi, XSS, etc. People who don't think Injection means only SQLi but SSTI, SSJI, ORMi [HQLi], LDAPi, Eli, XMLi etc. 2. Network Infrastructure Testing. Ability to write custom scripts and wrappers. Knowledge of tools like Responder, Ettercap, tcpdump, Empire, etc.not just Nmap and Nessus Have good knowledge about PowerShell scripting and AD/DC infrastructure. 3. Mobile App Testing. Root/jailbreak and Certificate pinning bypass without any automated tool Dynamic instrumentation using Frida De-obfuscation of APK/IPA file 4. IoT Testing. MQTT attacks Fuzzing of IoT devices Firmware extraction 5. Cloud Testing. A good understanding of the cloud infrastructure that includes AWS, Azure and Google cloud. Have a good understanding of microservices architecture. 6. Secure Code Review. Ability to visualize and compile applications without any compiler (in your mind). Has the ability to learn a new programming language on-the-go. Preferred candidate profile : Candidates with relevant professional experience will be given preference.

https://zrec.in/ai3DV?source=CareerSite

Job Title: Cyber Security Engineer Location: Hyderabad Industry: Payment Card Processing / Fintech About the Role: We are looking skilled Cyber Security Engineers , you will be part of a global security landscape, helping enhance threat detection capabilities and ensure compliance readiness through active management and fine-tuning of SIEM systems and security tools. Key Responsibilities: Manage and fine-tune SIEM tools primarily Microsoft Sentinel and Wazuh Ingest, analyze, and correlate logs from tools such as CyberArk , JumpCloud , Encore , and other core platforms Update and optimize alert rules and detection logic to reduce false positives and improve threat visibility Assist in maintaining and managing the CyberArk PAM environment Collaborate with internal security teams and interface with audit teams to fulfill compliance obligations Support threat monitoring, detection, and initial incident triage activities across regions Provide technical input on security configurations and enhancements based on evolving threat and compliance needs Contribute to documentation and compliance reporting as required Help with Pen testing of all applications, coordinate with stakeholders to remediate the gaps. Key Requirements: 5–6 years of experience in Cybersecurity Engineering, SOC, or SIEM operations Hands-on experience with Microsoft Sentinel and/or Wazuh SIEM Familiarity with CyberArk or similar PAM solutions Proficiency in managing log ingestion pipelines and rule configuration Strong understanding of threat detection, incident response, and log correlation techniques Ability to work across teams and communicate effectively with audit/compliance stakeholders Experience working in a regulated environment (e.g., fintech, payment systems, banking) is a strong plus Nice to Have: Experience with compliance frameworks like PCI DSS, ISO 27001, or SOC 2 Familiarity with scripting or automation for security rule tuning Exposure to cloud-native security tools (Azure, GCP, etc.)

Desired Candidate The ideal candidate is a proactive and detail-oriented professional with strong leadership skills and a passion for cybersecurity. They should have excellent communication abilities to convey technical concepts to diverse audiences and a proven track record of managing teams and fostering a culture of security awareness. Adaptable and ethical, the candidate thrives in dynamic environments and collaborates effectively to address evolving cyber threats while maintaining the highest standards of confidentiality and integrity. Responsibilities: Strategic Planning: Develop, implement, and maintain a comprehensive cybersecurity strategy aligned with organizational goals. Risk Management: Identify, assess, and mitigate potential cybersecurity risks and vulnerabilities across systems, applications, and networks. Incident Response: Lead and coordinate incident response activities, ensuring quick containment, recovery, and root-cause analysis of security breaches. Compliance and Standards: Ensure adherence to relevant regulatory standards (e.g., GDPR, ISO 27001) and internal security policies. Team Collaboration: Lead and mentor the cybersecurity team, fostering skill development and ensuring alignment with security objectives. Stakeholder Communication: Act as a liaison between technical teams and senior management, translating technical risks into business terms. Continuous Improvement: Monitor and evaluate the effectiveness of security measures, and recommend enhancements to maintain a robust security posture. Tool and Technology Management: Oversee the deployment and management of security tools (e.g., SIEM, firewalls, endpoint protection, etc.) to ensure system integrity and confidentiality. Training and Awareness: Develop and conduct security training programs to promote awareness and compliance across the organization. Requirements: Education: Bachelors or Masters degree in Cybersecurity, Information Technology, Computer Science, or a related field. Experience: 6-10 years of experience in cybersecurity roles with progressive leadership responsibilities. Certifications: CISSP (Certified Information Systems Security Professional)[Ongoing is acceptable]. Additional certifications (e.g., CISM, CEH) are a plus. Technical Expertise: Strong understanding of security architecture, protocols, and best practices. Experience with tools like SIEM, IDS/IPS, endpoint security, firewalls, and vulnerability management systems. Knowledge of cloud security (AWS, Azure, GCP) and securing hybrid environments. Soft Skills: Excellent verbal and written communication skills for technical and non-technical audiences. Strong leadership, project management, and team collaboration abilities. Analytical and problem-solving mindset with attention to detail.

Responsibilities: * Ensure compliance with PCI DSS, NIST, HIPAA & ISO standards. * Design, implement & maintain secure systems using Infosec principles. * Conduct regular security audits & risk assessments. * Experience in SOC and SIEM tools-Qradar

Date 7 Jun 2025 Location: Bangalore, KA, IN Company Alstom Req ID:478631 Could you be the full-time Cybersecurity Engineer Cyber Applications in Bangalore were looking for Your future role Take on a new challenge and apply your cybersecurity and system/network administration expertise in a new cutting-edge field. Youll work alongside innovative, dedicated, and supportive teammates. You'll maintain and enhance the security of Alstoms products and solutions, ensuring the integrity and resilience of our transport networks. Day-to-day, youll work closely with teams across the business (such as V&V, platform validation, and regional cybersecurity), execute design and deployment activities, and much more. Youll specifically take care of the maintenance of cybersecurity tools and applications, but also prepare and execute design & deployment activities for various projects and programs. Well look to you for: Maintaining cybersecurity tools and applications Preparing and executing design & deployment activities Executing specific testing activities and preparing reports Supporting validation and verification teams Acting as the administrator for cybersecurity applications Identifying cybersecurity tools and practices and providing guidance All about you We value passion and attitude over experience. Thats why we dont expect you to have every single skill. Instead, weve listed some that we think will help you succeed and grow in this role: Degree in Computer Science, Information Technology, or equivalent Experience or understanding of cybersecurity in the context of industrial control systems or network administration Knowledge of design & deployment of NIDS such as Fortinet, Nozomi, Dragos, etc. Familiarity with system administration of Windows or Linux servers/systems A certification like MCSE, RHCE, LPIC, CCNA, or Network+ Preferably a cybersecurity certification like ECSA, Security+ Strong communication skills and the ability to work in a matrix organization Things youll enjoy Join us on a life-long transformative journey the rail industry is here to stay, so you can grow and develop new skills and experiences throughout your career. Youll also: Enjoy stability, challenges and a long-term career free from boring daily routines Work with new security standards for rail signalling Collaborate with transverse teams and helpful colleagues Contribute to innovative projects Utilise our flexible working environment Steer your career in whatever direction you choose across functions and countries Benefit from our investment in your development, through award-winning learning Progress towards roles of greater responsibility and leadership Benefit from a fair and dynamic reward package that recognises your performance and potential, plus comprehensive and competitive social coverage (life, medical, pension) You dont need to be a train enthusiast to thrive with us. We guarantee that when you step onto one of our trains with your friends or family, youll be proud. If youre up for the challenge, wed love to hear from you! Important to note As a global business, were an equal-opportunity employer that celebrates diversity across the 63 countries we operate in. Were committed to creating an inclusive workplace for everyone.

Your potential, unleashed. Indias impact on the global economy has increased at an exponential rate and Deloitte presents an opportunity to unleash and realize your potential amongst cutting edge leaders, and organizations shaping the future of the region, and indeed, the world beyond. At Deloitte, your whole self to work, every day. Combine that with our drive to propel with purpose and you have the perfect playground to collaborate, innovate, grow, and make an impact that matters. The team Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilientnot only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks Your work profile As Assistant Manager in our Cyber Team youll build and nurture positive working relationships with teams and clients with the intention to exceed client expectations: - Key Responsibilities: Threat Modelling: Conduct threat modelling sessions to identify potential security risks to applications, networks, and infrastructure. Utilize various threat modelling frameworks (e.g., STRIDE, PASTA) to evaluate the risk associated with business processes and IT systems. Vulnerability Assessment & Penetration Testing: Perform regular vulnerability assessments and penetration testing on applications, systems, and networks to identify weaknesses and misconfigurations. Security Risk Analysis: Analyse vulnerabilities identified in VAPT engagements and prioritize them based on risk to the business. Provide recommendations for remediation and mitigation. Incident Response: Assist in responding to security incidents by analysing threat patterns, supporting forensic investigations, and recommending preventative measures. Collaboration with Teams: Work closely with developers, DevOps, and other stakeholders to design and implement secure development practices and advise on secure code development practices. Reporting: Document findings from threat modelling, vulnerability assessments, and penetration tests, and present them to management and other key stakeholders. Security Awareness: Promote awareness of cybersecurity risks within the organization and provide guidance on secure coding and risk mitigation strategies. Required Skills and Qualifications: Strong knowledge of Threat Modelling methodologies and tools (e.g., Microsoft Threat Modelling Tool, OWASP Threat Dragon). Hands-on experience in performing Vulnerability Assessment and Penetration Testing (VAPT) using tools like Nmap, Burp Suite, OWASP ZAP, Nessus, and Metasploit. Solid understanding of common vulnerabilities (e.g., SQL injection, Cross-Site Scripting, Buffer overflows) and security protocols (e.g., TLS/SSL, OAuth, OpenID). Familiarity with network security (firewalls, IDS/IPS, VPNs, etc.) and web application security. Experience in performing risk analysis, writing security reports, and presenting findings to both technical and non-technical audiences. Knowledge of OWASP Top 10, CVE, and vulnerability databases. Proficiency in one or more programming languages (e.g., Python, Java, C, or scripting languages) is a plus. Understanding of security frameworks and compliance requirements (e.g., NIST, ISO 27001, GDPR, SOC 2) is desirable. Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes) is a plus. Strong problem-solving skills and the ability to work independently and in a team. Prior experience in BFSI would be preferred. Preferred Qualifications: Certification: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or similar penetration testing certifications. Certified Information Systems Security Professional (CISSP) or similar information security certifications. Previous experience in threat hunting, incident response, or application security. Understanding of security in Agile/Scrum development processes. Location and way of working Base location: Pune Professional is required to work from office. How youll grow Connect for impact Our exceptional team of professionals across the globe are solving some of the worlds most complex business problems, as well as directly supporting our communities, the planet, and each other. Know more in our Global Impact Report and our India Impact Report. Empower to lead You can be a leader irrespective of your career level. Our colleagues are characterised by their ability to inspire, support, and provide opportunities for people to deliver their best and grow both as professionals and human beings. Know more about Deloitte and our One Young World partnership. Inclusion for all At Deloitte, people are valued and respected for who they are and are trusted to add value to their clients, teams and communities in a way that reflects their own unique capabilities. Know more about everyday steps that you can take to be more inclusive. At Deloitte, we believe in the unique skills, attitude and potential each and every one of us brings to the table to make an impact that matters. Drive your career At Deloitte, you are encouraged to take ownership of your career. We recognise there is no one size fits all career path, and global, cross-business mobility and up / re-skilling are all within the range of possibilities to shape a unique and fulfilling career. Know more about Life at Deloitte. Everyones welcome entrust your happiness to us Our workspaces and initiatives are geared towards your 360-degree happiness. This includes specific needs you may have in terms of accessibility, flexibility, safety and security, and caregiving. Here’s a glimpse of things that are in store for you. Interview tips We want job seekers exploring opportunities at Deloitte to feel prepared, confident and comfortable. To help you with your interview, we suggest that you do your research, know some background about the organisation and the business area you’re applying to. Check out recruiting tips from Deloitte professionals. *Caution against fraudulent job offers*: We would like to advise career aspirants to exercise caution against fraudulent job offers or unscrupulous practices. At Deloitte, ethics and integrity are fundamental and not negotiable. We do not charge any fee or seek any deposits, advance, or money from any career aspirant in relation to our recruitment process. We have not authorized any party or person to collect any money from career aspirants in any form whatsoever for promises of getting jobs in Deloitte or for being considered against roles in Deloitte. We follow a professional recruitment process, provide a fair opportunity to eligible applicants and consider candidates only on merit. No one other than an authorized official of Deloitte is permitted to offer or confirm any job offer from Deloitte. We advise career aspirants to exercise caution.