PythonAbout the Role
We are seeking an experienced Cyber Security Specialist who can operate across both offensive and defensive security disciplines. This dual-role professional will lead Vulnerability Assessment and Penetration Testing (VAPT) engagements, act as the in-house Red Team to simulate real-world adversaries, and own the implementation and continuous improvement of the Information Security Management System (ISMS) aligned with ISO/IEC 27001 and related standards. You will combine hands-on offensive security work with governance, audit readiness, and stakeholder engagement across engineering, IT, legal, and executive leadership.
Key Responsibilities
VAPT & Red Team Operations
- Plan, scope, and execute end-to-end Vulnerability Assessment and Penetration Testing (VAPT) engagements across web applications, mobile apps, APIs, networks, cloud environments, wireless, and physical infrastructure.
- Act as the organization's in-house Red Team, simulating advanced persistent threat (APT) actors through adversary emulation, social engineering, phishing campaigns, and physical intrusion testing where authorized.
- Design and execute Red Team operations aligned with MITRE ATT&CK, TIBER-EU, and similar frameworks; develop custom Tactics, Techniques, and Procedures (TTPs).
- Conduct manual and automated exploitation, post-exploitation, lateral movement, privilege escalation, and persistence testing in production-like environments.
- Develop custom exploits, payloads, scripts, and tooling (Python, PowerShell, Bash, C/C++, Go) to bypass security controls during sanctioned engagements.
- Perform source code reviews, threat modeling, and secure architecture reviews of new and existing systems.
- Coordinate Purple Team exercises with the Blue Team / SOC to validate detection coverage and improve defensive playbooks.
- Produce high-quality VAPT and Red Team reports with executive summaries, technical findings, proof-of-concept exploits, risk ratings (CVSS), and prioritized remediation guidance.
- Re-test remediated findings and track closure with engineering and IT teams through to verification.
ISO Compliance & Governance
- Lead the implementation, maintenance, and continual improvement of the ISMS in line with ISO/IEC 27001:2022, including scope definition, Statement of Applicability (SoA), and risk treatment plans.
- Own and maintain ISO policies, procedures, controls, and documentation across the organization, ensuring alignment with ISO 27001, ISO 27017, ISO 27018, and ISO 22301.
- Plan and coordinate internal and external audits; serve as the primary liaison with certification bodies, auditors, and regulators.
- Conduct risk assessments, business impact analyses (BIA), and threat modeling; maintain a central risk register and drive remediation.
- Map VAPT and Red Team findings to ISO 27001 Annex A controls and feed results into the risk management lifecycle.
- Support compliance with adjacent frameworks: SOC 2, NIST CSF, GDPR, HIPAA, PCI-DSS, and DPDP Act (India), as applicable.
- Define and report security and compliance KPIs/KRIs to senior leadership; prepare materials for management reviews and board updates.
- Develop and deliver security awareness training, phishing simulations, and role-based secure-coding training.
- Drive third-party / vendor risk management, including security questionnaires, contractual clauses, and ongoing monitoring.
- Partner with engineering and DevOps to embed security into the SDLC, CI/CD pipelines, and cloud architectures (DevSecOps).
Incident Response & Continuous Improvement
- Support incident response activities: detection, triage, containment, eradication, recovery, and post-incident reviews.
- Maintain business continuity and disaster recovery plans; coordinate BCP/DR testing and tabletop exercises.
- Stay current on emerging threats, CVEs, attacker techniques, regulatory changes, and ISO standard updates; recommend and drive improvements.
Required Qualifications
- 8+ years of progressive experience in cyber security, with at least 4 years in hands-on offensive security (VAPT, penetration testing, or Red Team) and 3+ years in ISO 27001 implementation and audits.
- Proven track record of leading VAPT engagements across web, mobile, API, network, cloud (AWS / Azure / GCP), and wireless environments.
- Hands-on experience executing Red Team operations and adversary emulation aligned with MITRE ATT&CK.
- Deep proficiency with offensive security tooling: Burp Suite Pro, Metasploit, Cobalt Strike (or open-source equivalents like Sliver, Mythic, Havoc), Nmap, Nessus, Nuclei, BloodHound, Impacket, Responder, and OWASP ZAP.
- Strong scripting and exploit development skills in Python, PowerShell, Bash, and at least one compiled language (C/C++, Go, or Rust).
- Proven hands-on experience leading an organization through ISO 27001 certification and surveillance audits end-to-end.
- Strong working knowledge of ISO/IEC 27001:2022 (including Annex A controls), ISO 27002, ISO 27017, ISO 27018, and ISO 22301.
- Solid understanding of security domains: IAM, network security, endpoint security, cloud security, application security (OWASP Top 10, API Security Top 10), and Active Directory attack paths.
- Experience with risk assessment methodologies (ISO 27005, NIST 800-30) and the ability to translate offensive findings into business risk.
- Strong report-writing, policy-drafting, and executive communication skills.
- Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience).
Preferred Qualifications
- Offensive security certifications: OSCP, OSEP, OSWE, OSED, CRTO, CRTP, CRTE, CRTL, GPEN, GXPN, GWAPT, or CEH Practical.
- Governance certifications: ISO 27001 Lead Implementer and/or Lead Auditor, CISSP, CISM, CISA, or CRISC.
- Cloud security certifications (CCSP, AWS Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer).
- Published CVEs, security research, bug bounty achievements, or contributions to open-source security tools.
- Experience with Active Directory / Entra ID red teaming, Kerberos attacks, and modern EDR/XDR evasion techniques.
- Experience with container, Kubernetes, and serverless security testing.
- Experience implementing or auditing additional frameworks: SOC 2 Type II, NIST CSF, NIST 800-53, HITRUST, or PCI-DSS.
- Experience with GRC platforms (Vanta, Drata, Sprinto, ServiceNow GRC, Archer, OneTrust).
- Experience in regulated industries: financial services, healthcare, SaaS, or critical infrastructure.
- Experience briefing executive leadership, customers, and external auditors on offensive findings and remediation strategy.
Shubham Vishwakarma
Full Stack Developer - Averlon
About Fonada
About
Company social profiles
Similar jobs
Role : Assistant Manager – Marketing
Exp : 4 to 10 years
Experience:
• 4–7 years of experience in B2B marketing, preferably in certification, training, SaaS, consulting, or services
industry
• Experience leading multi-channel campaigns and content creation
• Prior exposure to compliance, ISO standards, ESG, or cyber/information security is an added advantage
Skills & Competencies
• Strategic thinking with the ability to translate technical offerings into client-centric communication
• Strong writing, editing, and visual storytelling skills
• Proficient in Google Ads, Meta Business Suite, Canva, Google Analytics, SEO tools, and CRM platforms
(Zoho preferred)
• Excellent planning, prioritization, and project management capabilities
• Self-motivated, detail-oriented, and able to work cross-functionally with minimal supervision
- 5+ years of hands-on ServiceNow development experience.
- 3+ years of dedicated, in-depth experience implementing, configuring, and customizing the ServiceNow SPM/ITBM suite.
- Technical Certifications:
- Must-Have: ServiceNow Certified Implementation Specialist – Project Portfolio Management (CIS-PPM).
- Strongly Required: ServiceNow Certified Application Developer (CAD).
- SPM Module Expertise (Hands-On):
- Demonstrated mastery of the PPM suite (Demand, Project, Portfolio, Resource Management).
- Proven experience with Application Portfolio Management (APM).
- Solid understanding and configuration experience with Agile Development 2.0 and its integration points.
- Platform Skills:
- Expert proficiency in ServiceNow scripting (both client-side and server-side).
- Strong knowledge of the ServiceNow platform architecture, including the Common Service Data Model (CSDM).
- Experience building and consuming REST/SOAP web services.
- Analytical Skills:
- Excellent problem-solving skills with the ability to analyze complex business requirements and translate them into technical designs.
- Strong communication and interpersonal skills, with the ability to effectively collaborate with both technical teams and business leaders.
Preferred Qualifications:
- BS degree in Computer Science or Engineering or equivalent experience
Roles & Responsibilities
Roles and Responsibilities:
- SPM Module Implementation: Lead the design, configuration, development, and implementation of core SPM applications, including:
- Project Portfolio Management (PPM): Including Ideation, Demand, Project, Program, and Portfolio modules.
- Application Portfolio Management (APM): For application inventory, rationalization, and technology portfolio management.
- Agile Development 2.0: Configure and manage stories, epics, themes, and sprints, ensuring seamless integration with PPM.
- Resource Management: Develop and configure solutions for capacity planning, resource allocation, and time management.
- Financial Management: Assist in configuring cost models, budgets, and financial reporting related to projects and portfolios.
- Custom Development & Platform Expertise:
- Develop high-quality, scalable, and maintainable custom solutions using ServiceNow platform capabilities, including Business Rules, Client Scripts, UI Actions, UI Policies, and Flow Designer/Workflows.
- Utilize advanced scripting skills in JavaScript, Glide APIs (GlideRecord, GlideAjax), and HTML/CSS to deliver custom functionality.
- Serve as the technical SME for the SPM module, providing guidance on best practices and platform limitations.
- Integrations:
- Design and implement integrations between ServiceNow SPM and other enterprise systems (e.g., Jira, Azure DevOps, financial systems) using IntegrationHub, REST, and SOAP APIs.
- Stakeholder Collaboration & Support:
- Collaborate with business analysts and stakeholders to gather requirements, create technical designs, and deliver solutions that meet business needs.
- Provide advanced support for SPM applications, troubleshoot complex issues, and perform root cause analysis.
- Reporting and Analytics:
- Create sophisticated reports, Performance Analytics dashboards, and custom visualizations to provide stakeholders with actionable insights into portfolio health, project status, and resource utilization.
- Governance and Maintenance:
- Manage application upgrades, patching, and release cycles for the SPM suite.
- Ensure adherence to coding standards, development best practices, and effective use of update sets for deployments.
Job Title: Accounts Consolidation and Reporting Manager
Location: Mumbai
Department: Finance & Accounts
Reports To:
Job Purpose:
The Accounts Consolidation and Reporting Manager will oversee the consolidation of financial data from various departments and projects within the engineering and construction company. This role is responsible for preparing accurate, timely financial statements, ensuring compliance with accounting standards, and providing comprehensive financial reporting to senior management.
Key Responsibilities:
1. Financial Consolidation:
o Consolidate financial data from multiple business units and projects to prepare consolidated financial statements, ensuring accuracy and completeness.
o Manage month-end and year-end closing processes, ensuring all financial data is consolidated on time.
2. Financial Reporting:
o Prepare and present monthly, quarterly, and annual financial reports, including profit & loss statements, balance sheets, and cash flow statements.
o Provide detailed analysis of financial performance, including variance analysis against budget and prior periods.
3. Compliance & Internal Controls:
o Ensure compliance with accounting standards, company policies, and regulatory requirements in all financial reporting activities.
o Develop and maintain internal controls to safeguard financial data and ensure the integrity of financial information.
4. Collaboration with Project Teams:
o Work closely with project managers and departmental heads to gather financial data and ensure that project-specific costs are accurately reflected in the consolidated reports.
5. Audit & Financial Reviews:
o Support internal and external audits by providing required documentation and ensuring financial records are audit-ready.
o Assist in identifying any financial discrepancies and work to resolve them in a timely manner.
Key Requirements:
· Education:
o Bachelor’s degree in Finance, Accounting, or related field.
o CA is Mandatory.
· Experience:
o At least 10+ years of experience in financial consolidation and reporting within the engineering or construction industry.
· Skills:
o Strong understanding of financial consolidation, reporting, and accounting principles.
o Proficient in SAP and MS Excel.
Amazon Web Services (AWS)PythonWe are looking for an exceptionally talented Lead data engineer who has exposure in implementing AWS services to build data pipelines, api integration and designing data warehouse. Candidate with both hands-on and leadership capabilities will be ideal for this position.
Qualification: At least a bachelor’s degree in Science, Engineering, Applied Mathematics. Preferred Masters degree
Job Responsibilities:
• Total 6+ years of experience as a Data Engineer and 2+ years of experience in managing a team
• Have minimum 3 years of AWS Cloud experience.
• Well versed in languages such as Python, PySpark, SQL, NodeJS etc
• Has extensive experience in Spark ecosystem and has worked on both real time and batch processing
• Have experience in AWS Glue, EMR, DMS, Lambda, S3, DynamoDB, Step functions, Airflow, RDS, Aurora etc.
• Experience with modern Database systems such as Redshift, Presto, Hive etc.
• Worked on building data lakes in the past on S3 or Apache Hudi
• Solid understanding of Data Warehousing Concepts
• Good to have experience on tools such as Kafka or Kinesis
• Good to have AWS Developer Associate or Solutions Architect Associate Certification
• Have experience in managing a team
CodeIgniter
jQuery🚀 We're Hiring! PHP Developer in CodeIgniter
📍 Location: Phase-8B, Mohali, Punjab
💼 Type: Full-Time | Permanent
🔧 Experience: 1.6 – 2️⃣ Years
💰 Salary: ₹20,000 – ₹25,000/month (₹2.4 – ₹3 LPA)
👨💻 Role Overview
Join our growing tech team and contribute to building scalable web applications using PHP & CodeIgniter (Laravel experience is a bonus!).
🛠️ Key Responsibilities
- Develop and maintain backend web applications (PHP - CodeIgniter/Laravel)
- Design and query MySQL databases
- Integrate REST APIs, third-party tools & payment gateways
- Work closely with frontend developers for seamless UI/UX
- Debug, test, and optimize application performance
🔍 Must-Have Skills
- 1.6–2 years of PHP experience (CodeIgniter or Laravel preferred)
- Strong understanding of MVC architecture & OOP concepts
- Experience with MySQL, jQuery, AJAX, Bootstrap
- Familiar with Git, REST APIs, JSON/XML
🎓 Qualifications
- UG: BCA / B.Sc / B.Tech (CS/IT)
- PG: MCA / M.Tech / M.Sc (preferred but not mandatory)
🌟 Why Join Us?
✨ Work on live, real-time projects
✨ Friendly & collaborative team culture
✨ Growth path for career & skill development
✨ Performance-based incentives
#hiring #phpdeveloper #mohali #codeigniter #laravel #webdeveloper #backenddeveloper #techjobs #jobopening #itjobs #developers #careeropportunity
About the Company:
Our client is an Entertainment Network that owns 73 frequencies and is an advertising partner for another 3, across 63 cities, making it India's largest private FM radio broadcaster. With the highest listenership across the country and a track record of developing innovative content, it has been expanding and retaining its audiences and advertisers through the years.
KEY RESPONSIBILITIES :
Brand Management
- Custodian of Brand for the State; leads the Agenda of Brand Building
- Creates the Brand Marketing Plan and executes marketing calendar for the main station and supports the cluster stations for their marketing activities.
- Leads the consumer immersion for the Station to ensure there is regular interaction with the youth of the city and regular inputs are provided to Programming on Content.
- Creating Buzz around the Brand to improve Brand Saliency and Imagery scores
- Leads the Digital Initiative for the State and champions the Digital marketing calendar to grow the online presence
- Growing the Listenership Base by developing a Full year Marketing calendar with a focus on specific TG. Driving Market Research analytics and feeding into the Product portfolio to grow listenership
- Working closely with Programming to develop content in terms of Music, Content, Movie tie-ups
- Collaboration with the Local Movie industry and Premium Events in the City
- Leveraging the content and star cast to get the halo effect on the Brand
- Tie-ups: Partnering with One large Non-Movie Event like Beauty and Sports to build Brand Salience
- Support revenue functions (internally) with idea generation, execution of plans and data reports.
Reporting and MIS
- Mining IRS and other research reports to generate insights for both programming and Sales function
Digital
- Tracking Social media, Youtube analytics for station pages to gain insights into content formats that work and give such feedback to the team and ensure compliance.
- Updating station-level pages on the website
- Growing brand online radio listenership through suggestions on data analytics and marketing campaigns
INTERNAL & EXTERNAL STAKEHOLDER MANAGEMENT
- Finance
- Sales
- MA
- FIM
- Corporate Marketing
REQUIREMENTS
- Post Graduate with 5-10yrs of experience in Brand Marketing
- Excellent communication skills
- Team player
- Collaboration
- Must know Kannad/Telugu
React.js
Javascript
Redux/Flux
HTML/CSSAbout us:
HappyFox is a software-as-a-service (SaaS) support platform. We offer an enterprise-grade help desk ticketing system and intuitively designed live chat software.
We serve over 12,000 companies in 70+ countries. HappyFox is used by companies that span across education, media, e-commerce, retail, information technology, manufacturing, non-profit, government and many other verticals that have an internal or external support function.
To know more, Visit! - https://www.happyfox.com/
What you can expect as a Senior Frontend Engineer at HappyFox:
- You will consistently ship features and improvements with minimal guidance and support from other team members.
- You’ll work alongside the Product, Design, and, Backend Engineering teams to iterate on new features within HappyFox products.
- You will advocate for improvements to product quality, security, and performance.
- You will solve technical problems of high scope and complexity.
- You will craft code that meets our internal standards for style, maintainability, and best practices for a high-scale web environment.
- You will maintain and advocate for these standards through code review.
- You will recognize inefficiencies in our team, and propose solutions.
You should apply if:
- You have 5+ years of relevant professional experience in building web applications with javascript frameworks like Ember.js or React.js.
- You have a sound knowledge of HTML, CSS, and JavaScript.
- You can clearly and concisely communicate complex technical, architectural, and/or organizational problems and propose thorough, iterative solutions.
- You are comfortable working in a highly agile, intensely iterative software development process.
- You have demonstrated the ability to onboard and integrate with an organization long-term.
- You have a positive and solution-oriented mindset.
- You have experience owning a project from concept to production, including proposal, discussion, and execution.
- You are self-motivated and self-managing, with strong organizational skills.
C- Product and Application Development in C.
- Develop and debug Applications and Firmware in/for Embedded Linux Environment
- Design and development of real-time, multi-processor / multi-controller systems.
- Module-level design with proper software design practices
Required Qualifications:
- 4+ years of C development AND Linux experience
- Linux user space and kernel space programming experience
- Linux system programming
- Work experience with 8 / 32-bit microcontroller programming
- Experience with CAN, MODBUS, and high power systems software development.
- Source revision control (git, svn)
- Degree in Computer Science from a reputed institution
- Linux command line and development tools (e.g. shell script, Make, CMake, GDB, and GNU development tools)
Preferred Qualifications:
- Exposure to a full product development cycle.
- Programming experience in an object-oriented language (C++)
- Programming experience in a high-level language (e.g. Python)
- Knowledge of common Linux system calls, kernel interfaces, Linux device drivers, and configuration.
- Exposure to multi-processor product architecture.
- Experience in open source components and libraries (e.g. libxml, glib, qt, dbus, OpenSSL, curl, etc)
- Experience with Level2 AC EV chargers and/or DC fast chargers.
- Experience OR Knowledge with standards ISO 15118-2
- Add "8 bit / 16 bit / 32 bit microcontroller experience, specially ARM"
Javascript
NodeJS (Node.js)
PostgreSQLAmazon Web Services (AWS)- 5-10 years of experience in building API services using NodeJS Express and related frameworks
- Expert level understanding of NodeJS asynchronous runtime
- Expert level understanding of Javascript concepts on callbacks and closures
- Experience with Postgres, NoSQL, Redis, and Firebase real-time database
- Experience with AWS services like Elastic Beanstalk, Cloudfront, S3, EC2, Lambda, API Gateway, SQS, etc
- Understanding of patterns and techniques for building scalable back-end infrastructure including caching, rate limiting, authentication, and authorization schemes.
- Experience in building highly scalable and high throughput services with millisecond response times
- Experience working in a collaborative team environment
- Excellent communication & interpersonal skills
- Willingness to learn and pick up new technology along with patience to mentor
Bonus skills –
- Experience with Elastic Search, Puppeteer
- Experience writing unit test
Follow CutshortShubham Vishwakarma
Full Stack Developer - Averlon