5+ Ethical Hacking Jobs in India

Operating and owning agreed upon core security tools, technologies, and processes:
o Tools:
 CrowdStrike Falcon Sensor - Or similar AV engine
 Cisco Umbrella Web Filtering – Or similar Web Proxy Filter
 Cisco FTD Intrusion Prevention – Or similar IPS/IDS
 O365 Email Protection (Spam, Phishing) - Or similar
 Phish Insight (Phishing Campaigns) - Or similar phish campaign technology
 Nessus Professional – Or similar vulnerability scanning tool
 Cisco NGFW – Or similar FW technology
o Technologies:
 Cloud (AWS IaaS, O365 SaaS),
 On Premis (Windows 90%, Linux 10%)
o Processes:
 Computer security incident response
 Security reviews and assessments
 Vulnerability management Penetration tests

 Manage Level 3 security incidents and requests
 Ensures compliance with corporate policies and procedures
 Research new ways to improve existing technical security controls
 Project SME and Lead for security related projects
 Conduct Risk assessments and assist in remediation activities
 Assist in internal and external audit activities

Required Experience and Skills:
 Bachelor's degree in Information Security, Computer Science or Engineering
 Minimum of 3 years in security engineering
 Knowledge in cloud ecosystems security - Amazon AWS, Microsoft O365
 Ability to work well in an international team (US or EU time zone)
 English spoken and written on at least B2 level
 Understanding of security monitoring and identification concepts
 Assessing and understanding the impact, severity and urgency of issues
 Cybersecurity Certifications an advantage but not essential: CEH, C|HFI, CISSP, CISA, CISM
 Expertise across a variety of security products including those listed in requirements above

Position: IT Auditor

Experience: 4-12 Years

Location: Pune

Key Skills Required:

CISA, CISSP, CISM, IT Audit, Technology Audit, IT Infrastructure Audit, Application Security Audit, Information Security Audit, Cyber Security Audit, Cloud Security, Ethical Hacker

Additional key words: Vulnerability assessment, Penetration Testing, ITGC testing, Cloud Computing,

 

 

IT AUDITOR is responsible to plan and perform the audit assignment starting from audit announcement, audit planning, field work, audit quality reviews, pre-closing / closing meetings with the respective Directors / Head of the Departments including writing of the audit report and its finalization as well as follow up of the audit actions. Additionally IT AUDITOR will also be responsible to:
•    Evaluate IT systems, processes and projects in place;
•    Determine risks to the Group’s information assets, and help identify methods to minimize those risks;
•    Ensure information management processes are in compliance with IT-specific laws, policies and standards;
•    Determine inefficiencies in IT systems, IT projects and associated management processes and
•    Consult in IT projects, new initiatives and organizational frameworks.

Description

 

Audit Planning

1)    Perform audits at Volkswagen Group entities. and other concerned Volkswagen Group Companies with focus on IT processes keeping the associated business risks in mind.
2)    Participate in the preparation of audit objective & scope document along with audit schedule based on the audit objective and timeline specified by Head of IT Audit India Hub.
3)    Participate in the preparation of work program

Audit Process

1)     Prepare and conduct preparatory interviews with the Directors and Heads of the audited departments to identify the processes to be assessed during the audit.
2)     Request and collect relevant audit data for analysis from respective business areas.
3)     Prepare audit matrix on periodic basis to record the audit field work and update the progress of the audit to IT Audit Manager and the Head of IT Audit Hub India.
4)    Define actions including relevant controls to mitigate the business risks identified based on the evidences provided during the audit.
5)    Organize and conduct pre-closing meetings with business areas to agree upon audit observations and relevant actions.
6)    Prepare and conduct closing meetings with the Directors / Heads of the Department for audited division to agree upon the audit observations, risks and proposed actions.
7)    Prepare the draft audit report and submit the same to the  IT Audit Manager and the Head of IT Audit India Hub for review.
8)    Ensure that adequate documentation is prepared for the audit assignment. Peer review changes are done before release of the final audit report to the business area.
9)    Contact business area to review the progress of the implementation of audit actions defined in the final audit report. Based on the review, write the status of the follow up and submit the same for upload in RIAS.
10)    Obtain necessary certifications / qualifications to support the job requirements by attending relevant trainings
11)    Support the conduction of unscheduled audits/special investigations and audits from the anti-corruption system.
12)    Relevant knowledge is shared among the team members.
13)    Consult in IT projects, new initiatives and organizational frameworks.
14)    Ensure information management processes are in compliance with IT-specific laws, policies and standards.
15)    Determine risks to the Group’s information assets, and help identify methods to minimize those risks.
16)    Evaluate IT systems, processes and projects in place.
17)    Determine inefficiencies in IT systems, IT projects and associated management processes.

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

 

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

 

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).

Certified Ethical Hacker Requirements:

• Bachelor’s degree in Information Technology or Computer Science.
• CEH Certification.
• Proven work experience of at least 2-5 years as a Certified Ethical Hacker.
• Effective Programming Skills required but not limited to HTML, JavaScript, Python, PHP, SQL etc.
• Advanced knowledge of networking systems and security software.
• In-depth knowledge of parameter manipulation, session hijacking, and cross-site scripting.
• Technical knowledge of routers, firewalls, and server systems.
• Good written and verbal communication skills.
• Good troubleshooting skills.
• Ability to see big-picture system flaws.

• B.Tech/B.E.(IT/Computers), B.Sc( Computers), MSc (IT), BCA (Computer) or any equivalent graduation or post-graduation

As a Senior Tech Lead:

 

You will be part of a thought leadership team that will design and develop the leading cyber security solution that protects digital assets of corporations such as Apple & the US Federal Govt.  This solution used by global Fortune 100 corporations will be massively scalable to secure their Global networks

 

You will bring to the table:

Domain: Networking and Network Security

Primary Skills: Java, Spring & Hibernate

Secondary Skills: Any one of Python / Java Script / Angular JS / Shell / ANTLR / Groovy

 

Expertise        

-           Excellent skills & experience in Java, Spring & Hibernate

-           Minimum 2 years of Experience in Networking and Network Security domain

-           Any Scripting language - Python / Java Script / Angular JS / Shell / ANTLR / Groovy

-           Strong object-oriented design skills, data structures, algorithms, and design patterns.

-           Tools Pivotal / GitHub / Jenkins 

-           Good to have Database design and management experience.

 

What you will do…

 

-           You will be hands on, writing high quality code and ensuring on-time delivery.

-           Provide guidance on software design, architecture, and interface choices.

-           Design highly scalable, reliable, secure and fault tolerant systems with minimal guidance.

-           Mentor engineers on design, coding, and troubleshooting.

-           Analyse requirements, problems and solve them with the best solution.

-           Create platforms, reusable libraries, and utilities wherever applicable.

-           Work in cross-functional team, collaborating with peers during entire SDLC.

-           Work as part of a team to solve complex technical problems.

-           Support customer queries, escalations, to keep high customer satisfaction.

About Benison

 

Benison Tech is a niche technology company that has been appointed by Intel, Broadcom, CISCO, Checkpoint, and Marvell to collaboratively spearhead the next generation Network Security, 5G and Wireless technologies. We help our mutual customers get to market faster by applying our core technical brilliance in solving complex engineering problems.

 

We work with the world leading technology companies in the latest bleeding edge technologies from 5G enablement to real-time ML based network security systems.

 

Our interview process isn’t easy, but necessary to ensure that we are a fit for each other. You will be working in a dynamic fast paced environment on cutting edge technologies, so roll up your sleeves and get ready for the challenge. We need people who are drawn to technology challenges rather than work in a plush corporate role.

 

 

You are a fit for Benison if

 

1. You want to work in the technologies of the future… Network Security, Cloud technologies, 5G and WiFi6.
2. You have a deep-rooted desire to learn new technologies.
3. You are driven by the passion of solving complex problems.
4. You want to work with some of the best minds in the industry