3 Vulnerability Research Jobs

Entain India is the engineering and delivery powerhouse for Entain, one of the world's leading global sports and gaming groups. Established in Hyderabad in 2001, we have grown from a small tech hub into a dynamic force, delivering cutting-edge software solutions and support services that power billions of transactions for millions of users worldwide. Our focus on quality at scale drives us to create innovative technology that supports Entain's mission to lead the change in the global sports and gaming sector. At Entain India, we make the impossible possible, together. This role at Entain India involves working closely with teams across the group to identify and handle security incidents, ensuring that relevant security attacks are timely detected, investigated, and mitigated. Additionally, the role involves reviewing the security risks the organization faces and executing appropriate responses to ensure the security posture remains aligned with the dynamic needs of the organization. **Responsibilities include:** - Executing activities around incident response, security monitoring, threat hunting, security analytics, and reporting. - Collaborating with vendors, consultants, and third-party service providers to define baseline information security configurations for products deployed across all technology platforms. - Championing and continuously developing knowledge on emerging trends and changes in security operations. - Contributing to relationships across the Entain Group to deliver efficient and consistent security operations services through continuous improvement opportunities. - Ensuring visibility on issues and gaps resulting from security monitoring activities and suggesting innovative ways to address incident response. - Applying analytics to provide insight to the security operations team to enhance policies and processes related to risk management, security program management, and security governance. - Assessing current security operations processes and technology continuously to provide enhanced strategy, process, and technology recommendations. - Collaborating with security engineering and vulnerability teams to ensure security tooling provides appropriate visibility to detect and respond to security events. - Managing the development of baseline reporting metrics to effectively measure the health of the security operations domain. - Maintaining security procedures for products, applications, and platforms and acting as a technical resource for security or compliance matters. **Qualifications:** - At least two years of experience in a similar Information Security position. - Experience developing security tools and open-source projects. - Attention to detail and excellent problem-solving skills. - Outstanding knowledge of technical foundations behind networking, operating systems, and applications. - Good understanding of on-premises, cloud, and hybrid environments. - Good understanding of Information Security processes and theory. - Vulnerability research and exploitation skills. - Autonomous and self-organized. - Good communication skills and customer-facing experience. - Experience in vulnerability management, risk management, and traffic and packet analysis. **Competencies/Behaviors:** - Collaboration: Communicates effectively with a positive impact. - Analytical thinking: Thinks critically, providing well-reasoned insights through a commercial lens. - Agility: Quickly adapts and remains flexible while managing risks. - Acts with integrity: Takes ownership and does the right thing. At Entain India, we strive to create a diverse, equitable, and inclusive future for our people and the global sports betting and gaming sector. We value and celebrate individuality across all protected characteristics. We comply with all applicable recruitment regulations and employment laws globally and ensure ethical and compliant hiring practices. If you require any adjustments or accommodations during the recruitment process, please contact us.,

The Application Security Expert - Red Team / Ethical Hacker is a critical role responsible for proactively identifying and exploiting security vulnerabilities in software applications throughout the Software Development Life Cycle (SDLC). As a key member of the in-house Red Team, your focus will be on simulating real-world attacks, conducting advanced penetration testing, and providing actionable intelligence to strengthen the overall security posture. Your responsibilities will include planning and executing realistic attack simulations against web, mobile, and desktop applications, developing custom exploits, tools, and techniques to mimic advanced threat actors, and conducting social engineering campaigns to assess employee awareness. You will also be responsible for in-depth penetration testing of applications, networks, and systems, identifying and exploiting complex vulnerabilities, and developing detailed penetration test reports with actionable recommendations. In addition, you will conduct code reviews from an offensive perspective, provide guidance on secure coding practices, and develop secure coding guidelines. Staying up-to-date on the latest security threats, vulnerabilities, and exploit techniques will be crucial, as you will be conducting vulnerability research, developing custom exploits and tools, and integrating security testing into the SDLC. You will also collaborate with development teams, participate in design reviews, and promote a security-conscious culture within the organization. Validating and verifying the effectiveness of vulnerability remediation efforts, retesting remediated vulnerabilities, evaluating and customizing offensive security tools, and automating red teaming and penetration testing processes will also be part of your role. Your technical skills should include expert proficiency in programming languages, a strong understanding of web application vulnerabilities, experience with penetration testing tools and frameworks, cloud security principles, authentication and authorization mechanisms, and network protocols. The ideal candidate will have a Bachelor's or Master's degree in Computer Science, Information Security, or a related field, along with at least 8 years of experience in application security, penetration testing, or red teaming. Certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Expert (OSCE), and Offensive Security Web Expert (OSWE) are highly preferred.,

As a Technical Writer and Cybersecurity Researcher at Qunit Technologies, your primary responsibility will be to conduct in-depth research and create informative content on various cybersecurity topics. You will be tasked with writing detailed technical articles, whitepapers, and blog posts that cover vulnerabilities, attack vectors, and best practices in the field of cybersecurity. Additionally, you will be expected to document Proof-of-Concepts (PoCs) for known vulnerabilities, complete with step-by-step instructions and screenshots, to aid in understanding and mitigation strategies. In the realm of Vulnerability Research and Testing, you will delve into exploring and replicating known vulnerabilities on test environments to showcase their real-world impact. This will involve uncovering security flaws in web applications, APIs, cloud infrastructure, and other systems, followed by documenting your findings and proposing effective mitigation strategies to address the identified vulnerabilities. Your role will also entail hands-on experience with various cybersecurity tools such as Burp Suite, Metasploit, Nmap, Nessus, among others. You will be required to evaluate the efficacy of these tools and document their utilization in detecting and mitigating security risks effectively. As part of Threat Research and Reporting, you will stay abreast of cybersecurity news and updates to identify emerging threats and vulnerabilities. Your insights will be instrumental in creating threat intelligence reports and recommending proactive measures to safeguard against potential cyber threats. Collaboration and support are crucial aspects of your role, as you will collaborate closely with the cybersecurity team to contribute to research projects and client deliverables. You will also provide support in preparing presentations, technical documentation, and knowledge-sharing sessions to enhance the overall cybersecurity knowledge within the team. If you are passionate about cybersecurity research, technical writing, and content creation, and possess a keen interest in exploring vulnerabilities, testing cybersecurity tools, and staying updated on emerging threats, then this role at Qunit Technologies is an excellent opportunity for you to make a significant impact in the cybersecurity domain.,