3 Vulnerability Research Jobs nearby Kochi

As a Cyber Security Intern at our company, you will be part of our IT security team, gaining hands-on experience in protecting digital assets, identifying vulnerabilities, and implementing real-world cyber security practices. Key Responsibilities: - Assist in monitoring and analyzing security alerts and logs. - Support vulnerability assessments and risk analysis. - Help implement and enforce security policies and procedures. - Conduct research on current cyber threats and trends. - Assist with incident response and forensic investigations. - Test and evaluate internal security tools and software. - Document security processes, findings, and recommendations. - Participate in training sessions and security awareness programs. Requirements: - Currently pursuing a degree in Cyber Security, Computer Science, Information Technology, or a related field. - Basic understanding of networking, firewalls, and security protocols. - Familiarity with common operating systems (Windows, Linux). - Knowledge of cybersecurity principles and practices. - Strong analytical and problem-solving skills. - Excellent communication and teamwork abilities. Preferred Skills: - Familiarity with tools such as Wireshark, Nessus, or Splunk. - Basic scripting knowledge (Python, Bash, etc.). - Certifications like CompTIA Security+, CEH (in progress or completed). In addition to the above, you will benefit from: - Hands-on experience with real-world cyber security tools and systems. - Mentorship from experienced professionals. - Opportunity to work on impactful projects. - Certificate of completion and recommendation (based on performance). Please note that this is a full-time, permanent internship with a contract length of 3 months. You will be provided with paid sick time and will work during day shifts at our in-person work location.,

As a DevOps Architect at the company, your role will involve driving the design, implementation, and management of scalable, secure, and highly available infrastructure. Your responsibilities will include: - Leading and managing the DevOps team to ensure reliable infrastructure and automated deployment processes. - Designing, implementing, and maintaining highly available, scalable, and secure cloud infrastructure across platforms like AWS, Azure, and GCP. - Developing and optimizing CI/CD pipelines for multiple applications and environments. - Driving Infrastructure as Code (IaC) practices using tools like Terraform, CloudFormation, or Ansible. - Overseeing monitoring, logging, and alerting solutions to ensure system health and performance. - Collaborating with Development, QA, and Security teams to integrate DevOps best practices across the SDLC. - Leading incident management and root cause analysis for production issues. - Ensuring robust security practices for infrastructure and pipelines, including secrets management and vulnerability scanning. - Guiding and mentoring team members to foster a culture of continuous improvement and technical excellence. - Evaluating and recommending new tools, technologies, and processes to improve operational efficiency. Qualifications and skills required for this role include: **Qualifications:** - Bachelor's degree in Computer Science, IT, or related field; Master's preferred. - At least two current cloud certifications (e.g., AWS Solutions Architect, Azure Administrator, GCP DevOps Engineer, CKA). - 12+ years of relevant experience in DevOps, Infrastructure, or Cloud Operations. - 5+ years of experience in a technical leadership or team lead. **Skills & Abilities:** - Expertise in at least two major cloud platforms: AWS, Azure, or GCP. - Strong experience with CI/CD tools such as Jenkins, GitLab CI, Azure DevOps, or similar. - Hands-on experience with Infrastructure as Code (IaC) tools like Terraform, Ansible, or CloudFormation. - Proficiency in containerization and orchestration using Docker and Kubernetes. - Strong knowledge of monitoring, logging, and alerting tools (e.g., Prometheus, Grafana, ELK, CloudWatch). - Scripting knowledge in languages like Python, Bash, or Go. - Solid understanding of networking, security, and system administration. - Experience in implementing security best practices across DevOps pipelines. - Proven ability to mentor, coach, and lead technical teams. In addition to the technical requirements, you will be expected to work Monday to Friday, 40 hours per week with occasional overlap with PST. Travel requirements may include occasional team meetings, user research, or conferences. Light on-call rotation may be required based on operational needs. The company values innovation, integrity, ownership, agility, collaboration, and empowerment, and expects all employees to embody and promote these values in their work.,

Role Overview: You will be an experienced and enthusiastic security engineer at OCI Security, responsible for the planning, design, build, and operations of security services to protect Oracle's cloud. Your role will involve overseeing the implementation of advanced security platforms, ensuring compliance with corporate security policies, and demonstrating a strong understanding of security concepts to champion security for OCI and its partners. Key Responsibilities: - Responsible for basic planning, design, and build of security systems, applications, environments, and architectures - Oversee the implementation of security systems, applications, environments, and architectures, ensuring compliance with information security standards and corporate security policies and procedures - Research industry trends, assess current controls and threat posture of products and services, recommend and implement new security controls across Oracles line of business (LOB) - Monitor, develop, and maintain an enterprise security tooling program including Security Information and Event Management (SIEM), Endpoint Protection, and others - Build and administer secure Oracle Cloud environments, work directly with system owners to implement security controls, configure security tools, reduce risk, enhance existing tools and processes - Improve current processes and workflows, assist in the development of security documentation, training, and awareness programs - Research, evaluate, track, and manage information security threats and vulnerabilities, participate in a Rotational On-Call schedule for critical issues Qualifications: - Career Level - IC3 About Us: Oracle, a world leader in cloud solutions, utilizes tomorrow's technology to address today's challenges. With over 40 years of experience, Oracle continues to thrive by operating with integrity and partnering with industry leaders in various sectors. The company is committed to fostering an inclusive workforce, promoting opportunities for all, and supporting employees with competitive benefits, flexible medical, life insurance, and retirement options. Additionally, Oracle encourages employees to engage in volunteer programs and is dedicated to including people with disabilities at all stages of the employment process.,

As a Security Researcher at Microsoft Security, you will be responsible for analyzing vulnerabilities in Microsoft's products and services to determine their root cause, severity, and security impact. Your role will be crucial in shaping the security updates deployed to customers and informing offensive and defensive security research within the team. Key Responsibilities: - Analyzing vulnerabilities in software and services to determine root cause, severity, and security impact - Identifying variants of vulnerabilities and discovering new vulnerabilities - Building tools and inventing new approaches to automate the discovery & analysis of vulnerabilities - Analyzing trends in vulnerabilities to spot patterns - Researching, developing, and deploying mitigations for common vulnerability patterns - Performing penetration testing, offensive security research, and red teaming activities - Engaging with and contributing knowledge back to the security research community - Mentoring and contributing to the growth of individuals within the team and across Microsoft - Supporting a healthy and inclusive culture within the team and across Microsoft Qualifications: - Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field - Experience in software development lifecycle, large-scale computing, modeling, cybersecurity, and/or anomaly detection - In-depth experience working as a security engineer - Experience in identifying common vulnerability types (OWASP top 10, CWE top 25) in software and services written in various programming languages - Ability to debug and root cause vulnerabilities in software, services, and cloud platforms - Excellent written and verbal communication skills Preferred Qualifications: - Public track record of vulnerability research and discovery - Familiarity with cloud service architectures (Azure, etc.), design, and implementations - Knowledge of operating system internals for Windows and/or Linux - Understanding of exploitation techniques and mitigations Joining Microsoft Security as a Security Researcher will provide you with a unique opportunity to have a positive impact on improving safety for customers worldwide and work on challenging real-world security problems as part of a supportive and collaborative team.,

As a Security Analyst, your role will involve the following key responsibilities: - Perform security assessments: Conduct detailed penetration tests on web applications, networks, and computer systems to identify vulnerabilities. - Analyze and report findings: Document methodologies, findings, and actionable remediation strategies in comprehensive reports for stakeholders. - Collaborate on solutions: Work with other teams, such as security analysts and system administrators, to implement and validate security fixes. - Conduct social engineering tests: Simulate attacks like phishing to test the organization's security readiness against human-based exploits. - Stay current with threats: Research and stay updated on new attack vectors and techniques to anticipate and defend against evolving threats. - Develop testing methodologies: Design and create penetration tests and simulations to evaluate existing security controls. No additional details of the company were mentioned in the job description.,

Role Overview: You will be a research associate at Rapifuzz, dedicated to enhancing existing product capabilities or creating new technologies in the cybersecurity domain. As an individual contributor in the Security team, you will collaborate directly with senior management to drive innovation and product development. Key Responsibilities: - Researching product technology to enhance workflows and create new features or test cases - Identifying security vulnerabilities in various environments and layers - Using scientific methods and engineering principles to improve product performance - Supporting development teams in choosing appropriate technologies for product enhancement Qualifications Required: - A Bachelor's degree in computer science or a related field is mandatory - Experience in application and network security, cyber security incident management, and threat intelligence - Minimum of 2 years working in a cybersecurity product organization as a security researcher or consultant - Domain knowledge of cybersecurity and proficiency in basic productivity tools like MS Office - Strong verbal, written, and communication skills - Working knowledge of OS like Windows or Linux (Ubuntu preferred) - Inclination towards research with published papers on Cyber Security being an advantage - Ability to think creatively and go the extra mile to find solutions Company Details: At Rapifuzz, we are committed to simplifying security and empowering organizations against digital threats. Our values include integrity, innovation, collaboration, and customer-centricity. With a diverse portfolio of next-gen cybersecurity solutions, we strive to meet the unique needs of our clients with the expertise of seasoned professionals. Please note that the work location for this full-time position is in person, and health insurance benefits are provided.,

Role Overview: You will play a crucial role in supporting and maintaining the vulnerability detection and mitigation best practices within the information security domain. Your responsibilities will include applying threat and vulnerability management programs to elevate the security practices and maturity level. Furthermore, you will actively participate in incident response triage, proactive analysis, and detection and mitigation of vulnerabilities across networks, systems, and applications. Key Responsibilities: - Analyze vulnerability feeds and assist the CDC operations by implementing IOC/IOA based on vendor advisories, security alerts, and threat trending. - Conduct analysis and implement the CVSS scoring mechanism associated with all relevant vectors/strings of vulnerabilities. - Identify, analyze, and notify the CDC operation and EDR team about the most recent threats/detection signatures, and formulate use cases for monitoring or dropping related vulnerability exploitations. - Keep stakeholders informed with regular updates on security assessment reports, outlining security issues, and suggesting workarounds. - Monitor and manage the vulnerability process cycle to ensure prompt closure of all vulnerability findings. - Proactively research the latest security vulnerabilities, vendor advisories, security incidents, and penetration techniques, and communicate relevant information to stakeholders. - Provide assistance, contribute to ongoing and upcoming projects related to Vulnerability Management, and offer security assessment and consultation. Qualifications Required: - Demonstrated understanding of vulnerability management best practices and methodologies. - Proficiency in threat intelligence, vulnerability assessments, and incident response. - Familiarity with the CVSS scoring mechanism and its application in vulnerability analysis. - Experience in analyzing and interpreting security alerts, advisories, and threat trends. - Strong communication skills to effectively engage with stakeholders and deliver detailed security reports and recommendations.,

As a part of the security team at Cohesity, your mission is to assist organizations worldwide in safeguarding their data and staying ahead of evolving cyber threats. Your responsibilities will include identifying vulnerabilities through code analysis and reverse engineering, documenting findings with detailed reports, and providing actionable recommendations to strengthen the security posture of target systems. Staying updated with cybersecurity trends, emerging threats, and technologies is crucial as you contribute implementation plans to enhance product security. **Role Overview:** In this role, you will be responsible for: - Penetrating applications, networks, and systems to identify vulnerabilities - Understanding product architecture and attack vectors - Finding 0-Day vulnerabilities through code analysis or reverse engineering - Performing threat modeling and categorizing threat levels - Understanding technical domains and human interaction domains related to cybersecurity - Knowing modern authentication protocols, cloud computing technologies, and network security **Key Responsibilities:** You will: - Identify vulnerabilities through code analysis and reverse engineering - Document findings with detailed reports and actionable recommendations - Contribute implementation plans to enhance product security - Perform threat modeling and categorize threat levels - Stay updated with cybersecurity trends, emerging threats, and technologies - Have knowledge of Windows, Linux, Unix internals and network security **Qualifications Required:** We would love to talk to you if you have many of the following qualifications: - Preferred Certifications: CISSP, CEH, ECSA, OSCP, LPT - Minimum 5-7 years of experience in the Security Domain - Excellent communication skills and great collaboration - Familiarity with frameworks like NIST, MITRE ATT&CK, and CIS Controls - Knowledge of scripting (Python, Bash) or automation tools for security operations If you are driven to shape the future of cybersecurity and have a passion for safeguarding data against cyber threats, Cohesity invites you to join our mission. Embrace the opportunity to work in a dynamic environment where your expertise and skills can make a difference. (Data Privacy Notice: For information on personal data processing, please see our Privacy Policy.) (Note: In-Office Expectations - Cohesity employees within a reasonable commute work out of our core offices 2-3 days a week of their choosing.),

Role Overview: You will be conducting planned and authorized real-world attack scenarios against corporate assets, networks, and applications using common hacking methodologies and tools. Your role will involve evaluating corporate security posture through technical, manual, and automated methods, including software and network architecture review, validation of defensive controls, exploit attempts, data exfiltration, and vulnerability assessments. This position requires a high level of technical expertise and experience in IT development, operations, and security. Key Responsibilities: - Create, coordinate, and plan engagements with internal customers under the guidance of senior team members - Independently gather requirements and create appropriate engagement documentation and schedules - Perform complex analysis on intelligence data to determine risks and targets - Lead meetings with internal customers to coordinate engagement execution - Evaluate proposed remediation actions and recommend alternate actions under supervision - Understand complex architecture and design concepts of applications, hardware, and networks Qualifications Required: - Bachelor's Degree - Minimum 4 years of relevant experience in Ethical Hacking/Penetration Testing, software development, cyber forensics, or threat hunting - Certification: Certified Ethical Hacker (CEH) or GIAC Penetration Tester (GPEN) or equivalent - Preferred: 6 years of relevant experience, CISSP, CEH, GPEN, GXPN, GWAPT, OSCP certifications Additional Details: The role requires you to be a seasoned professional with a full understanding of the specialization area. You will work on diverse problems, demonstrate good judgment, and network with senior internal and external personnel. Experience with vulnerability exploit techniques, ethical hacking tools, security intelligence data analysis, and activities involving APT threats is highly desirable.,

As a Security Engineer II, InfoSec at our company, you will play a critical role in ensuring the security and integrity of our technology infrastructure. Your strong background in information security, technology engineering, and application engineering will be crucial in identifying and mitigating vulnerabilities. You will be based in the Mumbai office, operating in a hybrid mode from 4:30pm to 1:30am. Key Responsibilities: - Work with information security engineering to ensure deployment of all security tools. - Collaborate with infrastructure and other security teams to implement security best practices. - Educate and advocate for a secure software development lifecycle. - Evaluate current technology architecture for vulnerabilities and recommend upgrades or improvements. - Assist security architects with backend tasks. - Complete scoping assignments and travel as needed to support the Information Security program. - Manage and advise technical teams in creating artifacts for penetration testing. - Review security of SaaS & Cloud platforms through vendor evaluations. - Distribute vulnerability ticket findings to stakeholders for remediation. - Identify discrepancies in asset inventory reports. - Stay updated on emerging vulnerabilities and threats. - Review and track false positive requests and remediate findings with Infrastructure, Application, and Network teams. - Demonstrate fundamental and working understanding of cloud concepts. Requirements: - Minimum 2-3 years of experience in Information Security related roles. - Minimum 2-4 years of experience in technology engineering or application engineering positions. - Strong English written and verbal communication skills. - Excellent research and project management skills. - Ability to plan and complete tasks independently with minimal oversight. - Proficiency in multitasking and prioritizing tasks across projects. - Strong time management and organizational abilities. - Personal integrity and commitment to achieving outstanding results. About Kroll: Kroll is a global valuation and corporate finance advisor specializing in complex valuation, disputes, investigations, M&A, restructuring, and compliance and regulatory consulting. Our professionals leverage analytical skills, market insight, and independence to support clients in making informed decisions. We value diversity and encourage a global mindset within One team, One Kroll, fostering a collaborative work environment that promotes excellence. Kroll is dedicated to equal opportunity and diversity, recruiting based on merit. To be considered for a position, formal application via careers.kroll.com is required.,

As a C Programming Intern at Shortorbit Technologies Pvt Ltd, you will be working on advanced cryptographic systems and secure computing applications. Your responsibilities will include designing and implementing backend architectures, developing high-performance APIs and microservices, implementing parallel processing and multi-threading systems, building queue-based architectures, developing execution engines, implementing secure data flow pipelines, optimizing algorithms for performance and security, designing caching strategies, integrating cryptographic libraries and security protocols, and writing comprehensive unit tests and documentation. Qualifications Required: - Strong proficiency in backend programming (Node.js, Python, or Java) - Deep understanding of Object-Oriented Programming (OOP) principles - Knowledge of cryptographic algorithms and security protocols - Experience with parallel processing and multi-threading concepts - Understanding of data structures, algorithms, and computational complexity - Knowledge of queue systems (RabbitMQ, Redis, Kafka, etc.) - Familiarity with RESTful API design and implementation - Experience with database design (SQL and NoSQL) Preferred Qualifications: - Experience implementing execution engines or workflow systems - Knowledge of graph theory and topological sorting algorithms - Understanding of distributed systems and microservices architecture - Familiarity with cryptographic standards (NIST, FIPS) - Experience with Docker and containerization - Knowledge of security testing and vulnerability assessment - Understanding of compiler design or interpreter implementation - Experience with performance profiling and optimization Skills Required: - Strong analytical and problem-solving abilities - System design and architectural thinking - Understanding of security principles and threat modeling - Ability to write clean, maintainable, and efficient code - Strong debugging and troubleshooting skills - Excellent communication and documentation abilities - Self-motivated with strong research capabilities What You'll Gain: - Hands-on experience in defence technology projects - Exposure to real-world cryptographic implementations - Mentorship from experienced security engineers - Understanding of secure software development lifecycle - Certificate and potential for full-time employment,

Role Overview: As an Application Security Tester at the company, your main responsibility will be to perform various security testing activities, collaborate with clients, create detailed reports, and contribute to enhancing the security knowledge base of the team. You will also participate in quality initiatives to ensure the effectiveness of security measures. Key Responsibilities: - Perform Application Security Testing - Perform Network Penetration Testing - Perform Vulnerability Assessment of Servers - Verify Scan results through manual testing - Co-ordinate with the clients for Project related queries - Undertake meetings with the client teams for discussing security issues and recommendations - Create detailed security reports - Keep track of project progress & send regular updates - Research on security tools - Create Security Knowledge base for the team - Participate in quality initiatives Qualifications Required: - Degree in BE/Bsc IT/MTech/ME - 2-3 years of relevant experience Additional Details: The job location is in Pune-On Site. Required Knowledge Areas: - Web Application Security including OWASP Top 10 - Mobile Application Security including Mobile OWASP Top 10 - NMAP/Port Scanning - Vulnerability Scanning & Verification - Web Traffic Interception (For Web/Mobile apps) - SSL Security Tools Experience: You should have working knowledge of the following tools: - Web Proxy Editors - Network Sniffers - Nessus Scanner - Reverse Engineering Tools - Mobile Application security tools for either Android or IOS - Any one Web Application Security Scanner Certification Requirement: Candidates must possess any one of the following certifications: - CEH - ECSA - OSCP Other Skills: In addition to the technical requirements, you should excel in: - Documentation - Communication Skills If you are interested in this position, please share your resume with hr@synradar.com. Immediate joiners are preferred.,

You will be joining WRI India's Energy Program as a Program Associate for Energy for Equitable Development. Your role will involve conducting research at the intersection of energy and various rural and urban development nodes. This includes researching the use of energy for improving health, livelihoods, education sectors, and other social and productive outcomes. You will contribute to expanding and sharpening the research portfolio of the program. - Lead and conduct secondary and primary research on topics related to energy, health, agriculture, livelihoods, governance, climate vulnerabilities, and overall socio-economic development. - Analyze international, national, and sub-national policies on Distributed Renewable Energy (DRE) adoption to identify opportunities and barriers for energy access and DRE policies. - Conduct secondary mapping of organizations engaged in the mentioned sectors. - Produce high-quality research products and data visualizations to inform stakeholders and policymakers. - Collect and analyze data from diverse sources. - Support team coordination in various tasks. - Participate in stakeholder consultations, workshops, and document learnings. - Review and summarize papers and articles provided by the team. - Support capacity building activities as required. - Master's Degree in Policy, Development studies, Energy, Economics, Environment science, Climate Change, or related discipline. - 2-4 years of full-time relevant work experience in the energy sector. - Passion for energy and development issues. - Strong qualitative and quantitative analysis skills, including proficiency in MS Excel, R/STATA/SPSS, PowerPoint, and other data visualization tools. - Willingness to travel for work and conduct field visits on short notice. - Ability to work independently and as part of a team with keen attention to detail. - Ability to present complex information clearly, think creatively, and work under pressure. - Excellent writing, editing, listening, and communication skills. WRI India, part of the World Resources Institute, is dedicated to providing objective information and practical proposals for environmentally sound and socially equitable development. The organization focuses on moving human society towards living in ways that protect Earth's environment and meet the needs of current and future generations. With over 400 researchers, WRI India works towards transformative solutions to protect the earth, promote livelihoods, and enhance human well-being.,

As a Senior Threat Researcher at Zscaler, you will be joining the Security Research Team reporting to the Senior Director, Threat Intelligence. Your primary responsibilities will include: - Leading advanced vulnerability research projects to enhance security solutions - Conducting in-depth research to identify zero-day vulnerabilities in popular software applications - Developing proof-of-concept exploits to demonstrate the potential impact of zero-day vulnerabilities - Mentoring and guiding junior researchers to foster a culture of continuous learning and innovation - Documenting findings and providing detailed technical reports as well as presenting research at industry conferences Minimum Qualifications: - Required 5+ years in vulnerability research and Windows Internals - Significant experience with debuggers (OllyDbg, WinDbg, or x64dbg) and disassemblers/decompilers (IDA Pro or Ghidra) - Proficient in common software vulnerabilities and binary exploitation - Experience building automated fuzzing tools to discover new vulnerabilities - Track record of responsible disclosure with documented CVEs for Microsoft products and services - Comfortable presenting technical research and speaking in front of large audiences Preferred Qualifications: - Professional English writing skills and experience in drafting blogs, technical reports, etc - Deep knowledge of Windows operating system internals such as the kernel architecture and related components - Familiar with Windows security features such as ASLR, DEP, and Control Flow Guard as well as evasion techniques Zscaler is dedicated to creating an inclusive and supportive culture, fostering collaboration and belonging. The company offers comprehensive benefits to meet the diverse needs of employees and their families, including various health plans, time off, parental leave, retirement options, education reimbursement, in-office perks, and more. If you are passionate about cybersecurity research and innovation, and enjoy working in a fast-paced and collaborative environment, Zscaler welcomes you to contribute to their mission of making business seamless and secure.,

Role Overview: As an Open Source Technology Application Security Specialist, you will be a crucial part of the team, leveraging your expertise in open-source technologies and modern web development frameworks like React, Node.js, Python, and Angular. Your primary focus will be on identifying, mitigating, and preventing security risks across both front-end and back-end applications. Collaboration with engineering, DevOps, and infrastructure teams will be key to enhancing the overall security posture of applications hosted across cloud and on-premise environments. Key Responsibilities: - **Secure Coding Governance:** Establish, enforce, and monitor secure coding standards across all open-source technology stacks (React, Node.js, Python, Angular, etc.) to minimize application security risks. - **Vulnerability Management:** Identify, analyze, and remediate security vulnerabilities within codebases, APIs, and cloud applications. Focus areas include injection attacks, cross-site scripting (XSS), insecure deserialization, and related OWASP Top 10 issues. - **Penetration Testing:** Plan and execute penetration tests and dynamic security assessments to uncover application weaknesses and work with development teams to implement corrective measures. - **Web Application Firewalls (WAF) And Cloud Security:** Configure, tune, and monitor WAFs, API gateways, and cloud-native security tools (AWS/Azure/GCP) to protect open-source applications and services. - **Technical Leadership:** Provide technical guidance on secure design and implementation for open-source frameworks and tools. Leverage expertise in React, Node.js, Python, Angular, and related libraries to support secure architecture decisions. - **Collaboration And Training:** Work closely with product engineering, QA, and operations teams to embed security best practices across all stages of development. Conduct developer training and knowledge sessions to strengthen security awareness. - **Continuous Improvement:** Perform threat modeling and design reviews for new and existing applications. Develop and automate security validation tools and scripts to identify vulnerabilities early in the SDLC. Monitor and respond to application-level security incidents and provide root-cause analysis. Continuously research emerging security threats, tools, and frameworks relevant to open-source ecosystems. Qualification Required: - **Technical Proficiency:** Strong hands-on experience in React, Node.js, Python, Angular, and related open-source technologies. Solid understanding of RESTful APIs, OAuth2/OpenID Connect, JWT, and microservices architectures. - **Security Expertise:** Comprehensive understanding of application security principles, OWASP Top 10, and secure SDLC methodologies. Experience performing static and dynamic code analysis (SAST/DAST) and API security testing. - **Security Tools Experience:** Proficient in open-source and commercial security tools such as Burp Suite, OWASP ZAP, SonarQube, Checkmarx, or similar vulnerability scanners. - **Analytical Abilities:** Strong analytical and problem-solving skills to assess complex application security issues and implement effective mitigation strategies. - **Communication:** Excellent interpersonal and communication skills with the ability to collaborate effectively with engineering teams and key stakeholders.,

**Role Overview:** As a Hardware Penetration Tester on our Device Penetration Testing team at Cisco, you will proactively engage in technical and hands-on security assessments to strengthen the security of millions of Cisco devices. Your main responsibilities will include dissecting hardware, analyzing firmware, identifying critical vulnerabilities, and contributing to the security and trustworthiness of Cisco's product portfolio. **Key Responsibilities:** - Perform technical and hands-on security assessments by analyzing hardware components and interactions, including JTAG, UART, SPI, and I2C communication analysis. - Conduct in-depth analysis of firmware interactions with underlying hardware, extract content from SPI flash and other on-board memory, and audit the security of hardware protocols. - Engineer and implement exploit chains to bypass advanced hardware and firmware security mechanisms, demonstrating full compromise scenarios. - Research emerging hardware attack surfaces, develop innovative exploitation techniques, and enhance offensive security skillset. - Document identified vulnerabilities with detailed technical write-ups and collaborate with engineering teams for effective remediation. - Utilize automation, custom scripting, and AI/ML technologies for vulnerability discovery and streamline security analysis workflows. - Analyze recurring vulnerability patterns, translate findings into actionable security insights, and influence secure design to prevent future vulnerabilities. **Qualifications Required:** - Security-focused mindset with a genuine passion for penetration testing and vulnerability research. - Familiarity with firmware extraction techniques and methodologies. - Strong understanding of embedded hardware interfaces, protocols, and conducting JTAG, UART, and SPI-based testing. - Ability to identify and bypass hardware security mechanisms, familiarity with embedded operating systems, and architectures. - Proficiency in programming and scripting (e.g., Python, C, Bash), experience with hardware debug tools, and test equipment. - Solid understanding of network security, penetration testing methodologies, and industry frameworks such as OWASP. - Bachelor's degree in Computer Science, Information Security, or 5+ years of related work experience. - 4+ years of hands-on experience in web application security, firmware security, authentication, and security protocols. - Strong written and verbal communication skills to explain complex security issues clearly to technical and non-technical audiences. **Additional Details:** Cisco is revolutionizing how data and infrastructure connect and protect organizations in the AI era and beyond. With over 40 years of fearless innovation, Cisco provides solutions that power how humans and technology work together across the physical and digital worlds. The company encourages diversity and offers limitless opportunities for growth and collaboration on a global scale. Cisco empowers its employees to make a meaningful impact worldwide.,

As an EPM Vulnerability Management and 3rd party patching Associate at NTT DATA in Noida, Uttar Pradesh, India, your role is crucial in ensuring the stability, security, and optimal performance of the organization's IT infrastructure. **Role Overview:** Your primary responsibilities will include: **Key Responsibilities:** - **SCCM Administration**: - Configure and maintain System Center Configuration Manager (SCCM) for operating system deployment and patch management. - Create and manage SCCM collections, queries, and deployment packages. - Monitor SCCM health, troubleshoot issues, and perform regular maintenance tasks. - **Patch Management**: - Develop and implement patch management strategies and policies for timely deployment of security patches and updates. - Coordinate patch testing, evaluation, and deployment schedules based on business needs and maintenance windows. - Stay updated with industry best practices to enhance system security and reliability. - **Endpoint Management**: - Ensure compliance with patch levels and configuration standards across all endpoints. - Automate endpoint configuration and software deployments using SCCM for operational efficiency. - **Documentation and Reporting**: - Maintain comprehensive documentation of SCCM configurations, processes, and procedures. - Generate regular reports on patch compliance, deployment status, and system health for stakeholders and management. - **Collaboration and Support**: - Collaborate with IT security teams to prioritize critical patches and vulnerabilities. - Provide technical support and guidance to other IT teams and end-users on SCCM-related issues. **Qualifications**: - 8 years of relevant experience or equivalent combination of education and work experience. - Good understanding of SCCM Software Updates, including 3rd Party Patching and Vulnerability Management Detection & Remediation. - In-depth knowledge of configuration management principles and best practices. If you are interested in working at NTT DATA, it is a trusted global innovator of business and technology services, dedicated to helping clients innovate, optimize, and transform for long-term success. With a diverse team of experts in over 50 countries, NTT DATA offers services in business and technology consulting, data and artificial intelligence, industry solutions, and the development, implementation, and management of applications, infrastructure, and connectivity. As a Global Top Employer, NTT DATA is committed to investing in R&D to support organizations and society in confidently transitioning into the digital future. Visit us at us.nttdata.com.,

As a Senior Consultant in the Cyber Security department based in Gurugram, your role will involve a variety of responsibilities and qualifications: You should be open to travel for this position, and you will be expected to have expertise in various areas of cyber security. Key Responsibilities: - Programming Languages: Proficiency in languages used for storing and processing raw data. - Operating Systems Knowledge: Understanding of OSs such as Windows, macOS, Linux, UNIX, and new OSs. - Penetration Testing: Conducting penetration testing to assess system security and vulnerabilities. - Ethical Hacking and Coding Practices: Utilizing threat modeling and configurations. - Advanced Persistent Threat Management: Familiarity with social engineering, phishing, and network access control. - Firewall Safety and Management: Skills in fail-safe features, breach detection, backups, and prevention protocols. - Encryption Techniques and Capabilities: Ensuring secure data transmission over the internet. - Compliance Assessments: Knowledge of GLBA, HIPAA, PCI, NIST, and SOX. - Frameworks: Understanding of COBIT and ITIL. Qualifications Required: - 5+ years of experience in cybersecurity, IT systems operation, and IT solutions development and maintenance. - Extensive experience with vulnerability management and patch management control platforms. - Experience in troubleshooting patch deployment through log analysis. - Knowledge of OWASP top10 and network security frameworks like NIST and ISO. - Hands-on experience in VAPT, configuration review, policy review, and hardening of systems. - Practical experience in Application Code Review and Testing tools. - Strong communication and analytical skills for client interaction. - Experience in Mobile AppSEC, API testing, and willingness to travel. - Proficiency in presentation and report making. - Research knowledge in Cyber-Security for client customization. - Expertise in tools like Burp, Nessus, Nmap, Qualys, and Metasploit. - Knowledge of SIEM/SOAR, DLP, EDR/EPP, Firewall/IPS, Web Servers. - Basic scripting knowledge in any language is a plus.,

As a Cybersecurity Researcher at the company, you will play a crucial role in conducting security research to detect vulnerabilities in public-facing assets. Your responsibilities will include: - Conducting in-depth research to identify vulnerabilities affecting public-facing assets. - Staying up-to-date with the latest cybersecurity trends, attack vectors, and emerging threats. - Collaborating with the team to assess and prioritize potential security risks. - Developing custom security plugins and scripts to detect vulnerabilities in public-facing assets. - Utilizing your expertise to identify and generate fingerprints/banners for products and services on public-facing assets. - Performing data analysis on information collected from security scans and assessments. - Using technologies like PySpark or other data analysis tools to process, clean, and extract valuable insights from collected data. - Conducting quality checks on collected data to ensure accuracy and reliability. Qualifications required: - 1+ years of experience in cybersecurity research. - Proficiency in coding and scripting, specifically in Python. Location: Hyderabad, India,

As an experienced Information Security professional, you will be responsible for performing Vulnerability assessment & Policy Compliance using leading Vulnerability Scanning solutions like Qualys. Your role will involve conducting assessments on On-premises, Cloud hosted systems, containers (such as Docker & Kubernetes), databases, web services, and other widely deployed infrastructure components. You will be required to validate false positives, analyze vulnerability results, and act as a technical Subject Matter Expert (SME) in detection logic. Providing technical advice and support on remediation to infrastructure/application support teams will also be part of your responsibilities. Key Responsibilities: - Perform Vulnerability assessment & Policy Compliance using tools like Qualys - Conduct assessments on On-premises, Cloud hosted systems, containers, databases, and web services - Validate false positives and ensure quality report delivery - Analyze vulnerability results and detection logic as a technical SME - Provide technical advice and support on remediation to support teams - Identify root causes for common issues and recommend sustainable improvements - Maintain vulnerability quality assurance by building VM team knowledge base - Research and report on security vulnerabilities and advancements - Understand and communicate security policies, procedures, and guidelines - Provide suggestions for improving Vulnerability Management service based on IT trends - Act as line manager in the absence of team lead Qualifications Required: - Minimum 6 years of experience in Information security, preferably in Banking and Financial services sector - In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers, and proxy - Bachelor Degree in Engineering, Computer Science/Information Technology or equivalent - Industry certifications such as CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC, and CISM - Strong knowledge and expertise in multiple areas within Information Security - Hands-on skill and expertise in risk/threat assessments and consulting - Excellent written, oral communication, and reporting skills - Ability to provide technical leadership and direction for implementing security systems - Develop strategy for maintaining compliance against security policies district-wide - Time management, organizational skills, and willingness to learn new skills quickly This job will allow you to utilize your expertise in Information Security to contribute effectively to the company and stay updated with the latest advancements in the field.,