711 Vapt Jobs - Page 11

Senior Security Engineer (GRC)

Job Title: IT Risk, Security & Audit Lead Years of Experience: 8-13 Years Location: India, Mumbai, Andheri, Saki Naka Job Summary: We are seeking an experienced and detail-oriented IT Risk, Security & Audit Lead to oversee product development and deployment, ensuring compliance with security governance, risk management, audits, and certifications within our banking technology environment. The role demands expertise in cybersecurity, IT risk management, audit frameworks, and regulatory compliance (RBI, PCI-DSS, ISO, SOC2, etc.), with the ability to align technical security measures to business objectives. The ideal candidate will bring prior banking/fintech domain experience and a proven trac...

Experience with SIEM tool like PaloAlto XDR Experience with SOAR tool like PaloAlto XSOAR Experience with EDR tool like Crowdstrike Knowledge of Splunk queries Knowledge of assessing Incident severity, classifying them and performing initial investigations to determine the scope and impact. Good experience and exposure of Incident handling by established procedures and protocols to contain, mitigate, and resolve security incidents efficiently and effectively. Capable of identifying fine tuning requirements to avoid false-positive alerts Identify, develop and propose enhancements to existing processes and operations Ability to read and understand system data including security event logs, sys...

Information Systems Security work focuses on preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to an organization's information systems and IT assets and intellectual property including: Designing, testing, and implementing secure operating systems, networks, and databases Password auditing, network based and Web application based vulnerability scanning, virus management, and intrusion detection Conducting risk audits and assessments, providing recommendations for application design Monitoring and analyzing system access logs Planning for security backup and system disaster recovery Positions on this level are fully proficient in executin...

Senior Consultant - IT Security: KeyDeliverables (Essential Functions & Responsibilities of the Job) : Providesupport as Lead implementor towards ISMS and PIMS policies, procedures, andguidelines and ensure to perform regular review and update. Gatherevidence of continuous compliance with ISO 27001:2022 and ISO 27701:2019, DPDPA, IT Act and Cert In Regulation including audit logs, records of reviews, timely closure of open audit and risks and sharing the report with management. Conductregular, documented information security and privacy risk assessments onSecurity Tools and Technologies by identifying assets, threats, vulnerabilities, likelihood, and impact. Prioritizeidentified vulnerabilit...

Proficient in VAPT tools for applications and infrastructure (e.g., Burp Suite, OWASP ZAP, Nessus, Nmap, Postman). Awareness of regulatory standards: RBI Cybersecurity Framework, PCI DSS, NIST. Required Candidate profile Strong grasp of OWASP Top 10, API Security best practices, and secure coding principles. Threat Identification & Risk Assessment. Certified Ethical Hacker (CEH) (Mandatory)

We are hiring freelancers — please do not apply if you are in a permanent job. Seeking experts in VCISO, CISO, ISO 27001, SOC 2, HIPAA, VAPT, Information Security, Risk Assessment, and Policy & Procedure.

To lead and execute deployment planning, infrastructure automation, release management, and monitoring initiatives across cloud and on-prem environments.

Role: SOC Analyst - L3 Job Type: Full Time, Permanent Location: Pune (Onsite) Experience Required: 5+ years of experience in network and IT security field, managing SOC systems and operations (defining strategy around security monitoring, incident management, regulatory compliance, process improvement etc.) Qualification: Certifications in Cyber security/Information Security/Networking, Degree in Computer Science / Applications. CTC: 16 LPA to 20 LPA Primary Abilities SIEM SOAR UEBA NBAD/NDR Endpoint Security Threat Hunting Threat Analysis Team Leading Client Interaction Responsibilities: Lead and mentor junior SOC analysts Conduct in-depth investigations into complex security incidents Iden...

As an Analyst - Cyber Security at our company, you will be responsible for various tasks related to security testing projects. Your role will involve the following key responsibilities: - Having a hands-on expert working knowledge of tools such as Burp, Nessus, Nmap, Nipper, Metasploit, and any other latest tools. - Demonstrating hands-on experience in Vulnerability Assessment and Penetration Testing (VAPT), Cloud Security, Web & Mobile Application security. - Possessing basic scripting knowledge in any language would be considered an added advantage. - Showcasing good report-making skills, both in written and verbal communication, and being capable of interacting directly with clients durin...

Educational Requirements Bachelor of Engineering Service Line Infosys Quality Engineering Responsibilities Hands-on knowledge of Security testing methodologies like OWASP Top 10, SANS 25 etc., Ability to perform automated and manual hands-on penetration security testing e.g. DAST, SAST and SCA, identifying security risks within applications, cloud infrastructure, security controls and Network systems. Experience with penetration testing tools (e.g. Burp) Extensive knowledge of attack payloads for discovering security vulnerabilities Plan, execute, and report on all testing activities and outcomes Create findings reports and communicate to stakeholders Must possess at least 5 years of experie...

The role supports full end to end software development cycle, from initial client engagement, through assessments and road-mapping, to longer term engagement in an advisory capacity. As an Application Security Consultants, the person should leverage the technical expertise of the security competencies, varied product and delivery capabilities. Hands on experience in Secure SDLC, DAST, SAST, HP Fortify and Burp Suite Provide strategic advice and insights to clients based on deep domain knowledge and industry best practices. Identify potential risks and develop mitigation strategies to ensure project success and client satisfaction. Lead and coordinate incident response activities, including i...

Application Security group is responsible for ensuring that Fidelity applications are designed, developed and deployed securely. The role will involve working closely with development groups to ensure secure design, development and implementation of services and components. As Technical Specialist, person would be responsible to understand complex technical and architectural issues from security perspective and the ability to understand the implications associated with the chosen technical strategy * Conduct Vulnerability Assessments of Network and Security Devices using various open source and commercial tools * Map out a network, discover ports and services running on the different exposed...

Defining and implementing IT policies / IS Security Policies Identify risks in the IT processes Define controls and analyze implications of making process changes Draw up Risk Control Matrices Plan and conduct process audits within IT Facilitate issue resolution with the IS Auditors Evaluate IT Security related products Understand, implement, monitor and review of various regulatory / compliance frameworks like SOX, COBIT, ITIL, ISO 27001, ISO 22301, ISO 31000 Basel etc Conduct training programmes on Information Security, Risk, compliance and regulatory aspects Analysis of various system generated reports, logs, audit reports and VAPT reports Qualifications First class Graduate/Post Graduate...

Notice Period: Immediate to 15 days Shift Timings: General or Rotational shifts (as per project need) Key Responsibilities & Must-Have Skills: Strong experience in .NET Core and full-stack development Proficient in ReactJS Hands-on experience with Microsoft Azure , especially: Azure PaaS services Azure Functions Azure Storage App Services Proficient in SQL Server Familiarity with CI/CD pipelines using Azure DevOps , GitHub Exposure to cloud-based development and deployment Practical understanding of secure coding practices , including: VAPT SonarQube Experience with data scraping techniques Nice-to-Have Skills: Testing experience Experience with Blazor Knowledge of Kafka

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbil...

Threat Hunting: Design and execute proactive threat hunting campaigns using advanced tools and techniques. Analyse security telemetry, logs, and network data to identify indicators of compromise (IOCs). Continuously improve hunting methodologies based on emerging threats and intelligence. Work closely with SOC analysts to escalate findings and support investigations. Threat Intelligence: Collect, analyse, and disseminate actionable threat intelligence to internal teams. Monitor global threat landscape and security bulletins to identify relevant threats. Establish and maintain relationships with external threat intelligence communities and vendors. Integrate threat intelligence feeds into sec...

Will be working on Application security testing Skills. Strategize and plan static and dynamic application security testing (SAST/DAST / SCA) tools. Will be responsible for Secure Coding Practices Required education Bachelor's Degree Preferred education Master's Degree Required technical and professional expertise BE / B Tech in any stream, M.Sc. (Computer Science/IT) / M.C.A, with Minimum 5 plus years of experience Application Security TestingExperience with static and dynamic application security testing (SAST/DAST/ SCA) tools. Secure Coding PracticesKnowledge of secure coding standards (e.g., OWASP Top Ten) and experience in reviewing code for security vulnerabilities. Threat ModelingAbil...

This Position reports to: IS Department Manager for Compliance and Risk Advisory Your role and responsibilities (Mandatory) In this role, you will have the opportunity to establish and maintain operational methods, service compliance, and procedures. Each day, you will be responsible for planning, design, implementation and continuous improvement within governance, compliance, assurance, and/or risk. You will also showcase your expertise by guiding, advising, or supporting in all operational aspects, including document management and systems and procedures analysis. The work model for the role is #LI #Hybrid You will be mainly accountable for: Monitoring the implementation, communication, an...

Responsibilities: • Perform security assessments, including static and dynamic application security testing • Conduct manual penetration testing on web applications, network devices, and other systems • Collaborate with our clients in a fast-paced environment across many technology stacks and services, including cloud platforms and development technologies • Develop, enhance, and interpret security standards and guidance • Demonstrate and promote security best practices, including secure development and cloud security • Assist with the development of remediation recommendations for identified findings • Identify and clearly articulate (written and verbal) findings to senior management and cl...

Responsibilities: Conduct penetration tests on networks, web apps & mobiles. Identify vulnerabilities using Vapt, OWASP & Metasploit. Collaborate with dev teams on remediation plans.

We are looking for a skilled SIEM Engineer with 5 to 22 years of experience. The ideal candidate will have a strong background in Splunk Enterprise architecture, distributed components, and knowledge of Splunk Cloud. Roles and Responsibility Building, maintaining, and operating Splunk Enterprise and Splunk Enterprise Security SaaS Solution. Creating correlation searches for Cyber Operation requirements. Evaluating and analyzing business requirements and designing suitable solutions. Managing, coordinating, and implementing technical project activities and enhancements to services. Conducting Incident/Problem/Recovery activities. Supporting the Joint Operations Centre and incident response te...

Qualifications: Qualification: BE / BCA / any bachelor degree. Experience: Minimum 5-8 exp in VAPT. Key Responsibilities Experience on Vulnerability Assessment and Penetration Testing for Infrastructure / network / web application / databases Web Services Knowledge / Penetration Testing Good Knowledge on Secure Code Review of applications is desirable. Demonstration of Proof of concepts for exploits Wireless Penetration Testing & Application Security Review Security Configuration Review of Database / Servers / Firewalls / Switches / Routers Knowledge on open source and commercial tools for e.g Metsploit framework, Nessus, Acunetix, Appscan, nmap etc. Experience Mobile application testing. Go...

We are looking for skilled Security Consultants with Vulnerability tools experience to join our team on a contract basis. The ideal candidate will have 5-25 years of experience in the field. Roles and Responsibility Conduct vulnerability assessments and penetration testing to identify security risks. Develop and implement comprehensive security strategies to mitigate vulnerabilities. Collaborate with cross-functional teams to ensure seamless integration of security measures. Stay up-to-date with emerging trends and technologies in cybersecurity. Provide expert guidance on security best practices to clients. Perform risk analysis and provide recommendations for remediation. Job Requirements S...

1. Conduct vulnerability scan using Prisma's cloud vulnerability scanning features to identify vulnerabilities in cloud resources . 2. Assess and monitor security posture of Kubernetes clusters, including network policies, pod configurations and container runtime security. 3. Leverage Prisma cloud's automated vulnerability risk scoring to evaluate severity of vulnerabilities 4. Work with teams to prioritize vulnerabilities based on severity, exploitability & potential business impact. 5. Ensure organization's cloud infrastructure complies with industry standards 6. Use Prisma cloud to scan Kubernetes clusters and container registries for known vulnerabilities and misconfigurations 7. Create ...