7 Vulnerability Assessments Jobs

Responsibilities Manage a team of senior Networking and Security personnel. Serves as the subject matter expert (SME) on Cloud networking and security, having previously worked in a senior technical network or security role. Help deliver and manage projects that apply the companys security policies and standards for use in cloud environments. Communicate security concepts to different audiences ranging from business leaders to engineers, as well as customers. Serve as a key subject matter expect in security and networking topics and support delivery of core services from a network security perspective. Mentor and influence team members in implementing and delivering projects and performing ongoing security and network monitoring. Help design security frameworks and effective solutions for vulnerability remediation. Develops standards, policies, and procedures as well as best practices documentation. Able to translate technical requirements into business requirements. Assist team members to update their security and networking skills and knowledge. Collaborate with other IT teams, developers, and business stakeholders to ensure alignment on network and security requirements. Stay up-to-date with the latest cloud networking and security trends and technologies. Develop and execute security roadmaps and initiatives. Drive change and improvements in security delivery of our Cloud security services. Education / Qualifications A university qualification of Bachelor's degree level in Engineering/IT, or a related field. Skills Required: Strong experience in a Security and networking leadership role (5 years+ in a management role combined with previous experience working at a senior technical level for 5 years+ in network/security role). Extensive security management experience in an environment leveraging Azure and/or AWS public cloud platforms. Strong Application, Networking, Cloud Security knowledge and experience. Previous experience working in environments that leverage public Cloud. Extremely knowledgeable in security and networking technical matters. Experience of compliance standards, including ISO27001 and/or SOC2. Familiarity with directives such as GDPR and NIS2/DORA. Experience of team management and interview protocols. Strong understanding of penetration testing and vulnerability assessments. Experience with project management and security project delivery. Solid understanding of application development and SDLC. Security certifications a strong plus (eg CISSP). Fluent English speaker. Desired technical skills or knowledge areas: Expertise in Azure and AWS networking and security services. Proficiency in network protocols and technologies (e.g., TCP/IP, DNS, VPN, routing). Knowledge of security frameworks and standards (e.g., NIST, CIS). Experience with SIEM, IDS/IPS, and vulnerability management tools. Strong practical experience with Fortinet security solutions (FortiGate, FortiAnalyzer, etc.). Proficiency in using Rapid7 security tools (Insight IDR VM) for vulnerability management and forensic investigation. Experience with tooling used for malware analysis and threat prevention. Experience with ManageEngine suite of products, especially PAM360 and Patch Manager Plus. Scripting and automation knowledge (e.g., Python, PowerShell, Terraform).

Ideally, looking for Cyber Security and AWS Cloud experience. Job Summary We are seeking a Cloud Security Engineer with deep expertise in AWS security to join our Information Security team. The ideal candidate will have a strong background in securing cloud environments, designing secure architectures, and implementing security best practices within AWS. This role is responsible for protecting our cloud infrastructure, ensuring compliance, and working closely with DevOps, Engineering, and Security teams to integrate security into cloud operations. The Cloud Security Engineer will be responsible for assessing, developing, and implementing security controls across AWS services, ensuring the security of applications, workloads, and infrastructure deployed in the cloud. Key Responsibilities Design and implement AWS security architectures that align with industry best practices and compliance requirements. Assess cloud security risks and enforce security policies across AWS environments. Manage and optimize AWS Identity and Access Management (IAM), AWS Organizations, and AWS Control Tower to enforce least privilege access controls. Implement and manage AWS security services , including AWS Security Hub, GuardDuty, Macie, Inspector, and WAF . Deploy and configure AWS-native encryption solutions , including AWS KMS, CloudHSM, and Secrets Manager for secure key and secret management. Integrate and manage AWS logging and monitoring tools, including CloudTrail, CloudWatch, Config, and SIEM integrations for threat detection. Ensure network security through secure configurations of AWS VPCs, Security Groups, Network ACLs, AWS Shield, and AWS PrivateLink . Work closely with DevOps teams to integrate security controls into CI/CD pipelines using AWS-native and third-party security tools. Automate security processes using Terraform, AWS CloudFormation, and Python/Bash scripting to enforce security best practices at scale. Implement container and Kubernetes security best practices using AWS EKS, ECS, Fargate, and container scanning solutions . Conduct security audits, vulnerability assessments, and penetration testing of cloud infrastructure. Ensure compliance with CIS AWS Benchmarks, NIST, ISO 27001, SOC2, PCI-DSS, HIPAA , and other regulatory frameworks. Develop and enforce incident response and disaster recovery plans for AWS environments. Educate and train internal teams on cloud security best practices and emerging threats. Minimum Requirements (Must-Have) 4+ years of experience in cloud security, with a strong focus on AWS security. Hands-on experience securing AWS environments, including IAM, VPC, EC2, S3, RDS, Lambda, EKS, ECS, Fargate, CloudFront, and Route 53 . Experience with AWS security services , including AWS Security Hub, GuardDuty, Macie, Inspector, WAF, Shield, CloudTrail, and CloudWatch . Strong understanding of network security concepts , including firewalls, VPNs, network segmentation, and DDoS mitigation in AWS. Knowledge of encryption, key management, and certificate management using AWS KMS, CloudHSM, and ACM. Experience implementing AWS-native security controls and automation using Terraform, CloudFormation, and scripting languages (Python, Bash, or PowerShell) . Familiarity with container security best practices in AWS environments using EKS, ECS, and container scanning tools. Knowledge of Zero Trust security models, identity federation, and role-based access controls (RBAC) in AWS . Experience conducting cloud security audits, vulnerability assessments, and penetration testing . Strong understanding of compliance frameworks such as CIS AWS Benchmarks, NIST, ISO 27001, SOC2, PCI-DSS, and HIPAA . Strong problem-solving skills and the ability to work in a fast-paced environment. Excellent communication skills, with the ability to work cross-functionally with security, engineering, and DevOps teams .

Position - Internal Auditor Job Responsibilities Be part of the company preparation for SOC and ISO audits Perform routine internal security audits Create vulnerability assessments periodically Review internal Incident reports and follow-up till closure Qualifications and Skills Experience in Application Security Internal auditing experience Must have knowledge of ISO 27001, Data Compliance and SOC Audits English fluency in speech and strong ability to communicate in writing Self-motivated, independent and meticulous with an eye for detail Team player with good interpersonal and communication skills

Job Summary We are looking for an Application Security Analyst with 2-3 years of experience in IT and security to strengthen our security team. The ideal candidate will focus on securing web and mobile applications (Android/iOS) by conducting penetration testing, vulnerability assessments, API security reviews, and ensuring compliance with security best practices . Key Responsibilities Application Security & Penetration Testing Conduct security assessments for web, mobile (Android/iOS), and APIs . Identify, exploit, and remediate OWASP Top 10 vulnerabilities. Perform manual and automated security testing to uncover security risks. Conduct secure code reviews to detect application security flaws. Mobile Security (Android & iOS) Perform static and dynamic analysis of Android/iOS applications. Identify security risks such as insecure data storage, API vulnerabilities, and jailbreak/root detection bypass . Utilize tools like MobSF, Frida, Burp Suite, Objection, Drozer, Jadx, and apktool . Validate applications against OWASP Mobile Top 10 security risks. API Security & Secure Development Perform API penetration testing using Burp Suite, Postman, OWASP ZAP . Identify critical vulnerabilities such as Broken Authentication, Excessive Data Exposure, and IDOR . Collaborate with developers to implement secure coding practices and remediation strategies . Vulnerability Management & Compliance Conduct vulnerability assessments using tools like Nessus, Acunetix, Nexpose, Rapid7, and Qualys . Ensure compliance with ISO 27001, SOC2, GDPR , and other regulatory frameworks. Work closely with development teams to remediate security vulnerabilities . Required Skills & Qualifications Bachelors degree in Computer Science, Information Security, or a related IT field . 2-3 years of experience in IT , with at least 1-2 years focused on Application Security & Penetration Testing . Strong understanding of OWASP Top 10 (Web & Mobile) vulnerabilities. Hands-on experience with security tools such as Burp Suite, MobSF, Frida, Objection, Drozer, Jadx, apktool . Proficiency in secure code review (Java, Swift, Kotlin, JavaScript). Expertise in API Security Testing and secure development best practices. Strong analytical, problem-solving, and communication skills . Preferred Qualifications Security certifications such as OSCP, CEH, eJPT, OSWE, GMOB (preferred). Experience with bug bounty programs or responsible disclosure initiatives. Compensation & Benefits Competitive salary based on experience. Career growth opportunities in Application Security & Ethical Hacking . Health & wellness benefits . Access to continuous learning, certifications, and security training programs . If your skills matches the above requirement, kindly share drop your updated resume at "pooja.valluru@engro.io". Looking for immediate to 30 Days Notice Period.

Be a part of our success story. Launch offers talented and motivated people the opportunity to do the best work of their lives in a dynamic and growing company. Through competitive salaries, outstanding benefits, internal advancement opportunities, and recognized community involvement, you will have the chance to create a career you can be proud of. Your new trajectory starts here at Launch. What we are looking for: We are looking for IOT Security Engineer for one of our internal projects. Role: IOT Security Engineer Location: Hyderabad Years of Experience: 8+ Years Job Responsibilities: IoT Device Security Conduct comprehensive IoT device security assessments against provided IEC 62443-based device security requirements. Clearly document security findings, compliance status, and detailed gap analysis. Conduct threat modelling and risk assessment for each finding or non-conformance. Provide actionable, risk-informed recommendations for remediation. Firmware and Hardware Vulnerability Assessments Conduct vulnerability assessments and penetration tests based on IEC 62443 standards. Clearly document findings, perform threat modelling, and assign clear risk ratings. Generate prioritized remediation plans based on identified risks. Firmware Integrity and Compliance Audits Regularly audit firmware integrity and compliance to IEC 62443 standards. Document non-conformances, conduct threat modelling, and assess associated risks. Clearly recommend corrective actions with prioritization based on risk levels Mandatory Skills: 5+ years of experience in embedded systems security, IoT device security, or related fields. Hands-on proficiency with C family programming languages. Deep understanding of hardware security, operating systems internals, cryptography, wire protocols, real-time embedded, and Linux SoC based solutions. Proven expertise with IoT protocols such as MQTT Demonstrated expertise in deploying IoT gateways in scaled public cloud environments Proficiency in conducting threat modeling, vulnerability assessments, and penetration testing of embedded systems. Knowledge of relevant security frameworks (e.g., NIST 800-53, ISO 27402/27001) and regulatory requirements for IoT devices. We are Navigators in the Age of Transformation: We use sophisticated technology to transform clients into the digital age, but our top priority is our positive impact on the human experience. We ease anxiety and fear around digital transformation and replace it with opportunity. Launch IT is an equal opportunity employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Launch IT is committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.

Seeking a seasoned Cyber Security System Audit Head to lead and manage a comprehensive cybersecurity audit program. The ideal candidate will ensure compliance, identify vulnerabilities, and recommend strategic improvements to strengthen security posture. Experience with RBI Systems audit is a must. Key Responsibilities: Audit Planning & Execution: Develop and manage the annual cybersecurity audit plan aligned with organizational goals and industry best practices. Design and execute audits including risk assessments, vulnerability assessments, and penetration testing. Supervise and mentor audit team members. Security Assessment & Reporting: Analyze audit findings to identify security gaps and assess control effectiveness. Prepare detailed audit reports with findings, recommendations, and remediation plans. Communicate results effectively to executive management, IT teams, and other stakeholders. Compliance & Regulatory Adherence: Ensure compliance with cybersecurity regulations, industry standards, and internal policies. Stay updated on emerging threats and trends, adjusting audit processes as necessary. Risk Management: Identify and assess cybersecurity risks and develop effective mitigation strategies. Monitor and continuously improve the effectiveness of security controls. Collaboration & Communication: Work closely with IT, security, and other departments to ensure cohesive strategies. Build strong internal and external stakeholder relationships. Technical & Leadership Skills: Deep understanding of cybersecurity principles, technologies, and audit methodologies. Proficiency with security tools such as vulnerability scanners, penetration testing tools, and SIEM systems. Familiarity with industry standards and frameworks (e.g., NIST, ISO 27001, SOC 2). Proven leadership abilities with strong analytical, problem-solving, communication, and interpersonal skills. Additional Requirement: Demonstrated experience working on RBI Systems audit. Interested candidates are encouraged to apply for this opportunity to drive cybersecurity excellence.

Will have access to devices and address all the compliance related to Firewalls, IPS, WAF, DNS, SSLO Pala Alto, FortiGate, Checkpoint(Firewalls), Forti & McAfee(IPS),F5(SSLO),WAF(Imperva) DNS(Infoblox) Required Candidate profile Monitor and enforce security compliance across networks. Conduct vulnerability assessments and recommend solutions. Maintain ISECURE certification and compliance standards.