11+ Ethical Hacking Jobs in Delhi, NCR and Gurgaon | Ethical Hacking Job openings in Delhi, NCR and Gurgaon

About the Role 

We are seeking an experienced Cyber Security Specialist who can operate across both offensive and defensive security disciplines. This dual-role professional will lead Vulnerability Assessment and Penetration Testing (VAPT) engagements, act as the in-house Red Team to simulate real-world adversaries, and own the implementation and continuous improvement of the Information Security Management System (ISMS) aligned with ISO/IEC 27001 and related standards. You will combine hands-on offensive security work with governance, audit readiness, and stakeholder engagement across engineering, IT, legal, and executive leadership. 

Key Responsibilities 

VAPT & Red Team Operations 

• Plan, scope, and execute end-to-end Vulnerability Assessment and Penetration Testing (VAPT) engagements across web applications, mobile apps, APIs, networks, cloud environments, wireless, and physical infrastructure. 
• Act as the organization's in-house Red Team, simulating advanced persistent threat (APT) actors through adversary emulation, social engineering, phishing campaigns, and physical intrusion testing where authorized. 
• Design and execute Red Team operations aligned with MITRE ATT&CK, TIBER-EU, and similar frameworks; develop custom Tactics, Techniques, and Procedures (TTPs). 
• Conduct manual and automated exploitation, post-exploitation, lateral movement, privilege escalation, and persistence testing in production-like environments. 
• Develop custom exploits, payloads, scripts, and tooling (Python, PowerShell, Bash, C/C++, Go) to bypass security controls during sanctioned engagements. 
• Perform source code reviews, threat modeling, and secure architecture reviews of new and existing systems. 
• Coordinate Purple Team exercises with the Blue Team / SOC to validate detection coverage and improve defensive playbooks. 
• Produce high-quality VAPT and Red Team reports with executive summaries, technical findings, proof-of-concept exploits, risk ratings (CVSS), and prioritized remediation guidance. 
• Re-test remediated findings and track closure with engineering and IT teams through to verification. 

ISO Compliance & Governance 

• Lead the implementation, maintenance, and continual improvement of the ISMS in line with ISO/IEC 27001:2022, including scope definition, Statement of Applicability (SoA), and risk treatment plans. 
• Own and maintain ISO policies, procedures, controls, and documentation across the organization, ensuring alignment with ISO 27001, ISO 27017, ISO 27018, and ISO 22301. 
• Plan and coordinate internal and external audits; serve as the primary liaison with certification bodies, auditors, and regulators. 
• Conduct risk assessments, business impact analyses (BIA), and threat modeling; maintain a central risk register and drive remediation. 
• Map VAPT and Red Team findings to ISO 27001 Annex A controls and feed results into the risk management lifecycle. 
• Support compliance with adjacent frameworks: SOC 2, NIST CSF, GDPR, HIPAA, PCI-DSS, and DPDP Act (India), as applicable. 
• Define and report security and compliance KPIs/KRIs to senior leadership; prepare materials for management reviews and board updates. 
• Develop and deliver security awareness training, phishing simulations, and role-based secure-coding training. 
• Drive third-party / vendor risk management, including security questionnaires, contractual clauses, and ongoing monitoring. 
• Partner with engineering and DevOps to embed security into the SDLC, CI/CD pipelines, and cloud architectures (DevSecOps). 

Incident Response & Continuous Improvement 

• Support incident response activities: detection, triage, containment, eradication, recovery, and post-incident reviews. 
• Maintain business continuity and disaster recovery plans; coordinate BCP/DR testing and tabletop exercises. 
• Stay current on emerging threats, CVEs, attacker techniques, regulatory changes, and ISO standard updates; recommend and drive improvements. 

Required Qualifications 

• 8+ years of progressive experience in cyber security, with at least 4 years in hands-on offensive security (VAPT, penetration testing, or Red Team) and 3+ years in ISO 27001 implementation and audits. 
• Proven track record of leading VAPT engagements across web, mobile, API, network, cloud (AWS / Azure / GCP), and wireless environments. 
• Hands-on experience executing Red Team operations and adversary emulation aligned with MITRE ATT&CK. 
• Deep proficiency with offensive security tooling: Burp Suite Pro, Metasploit, Cobalt Strike (or open-source equivalents like Sliver, Mythic, Havoc), Nmap, Nessus, Nuclei, BloodHound, Impacket, Responder, and OWASP ZAP. 
• Strong scripting and exploit development skills in Python, PowerShell, Bash, and at least one compiled language (C/C++, Go, or Rust). 
• Proven hands-on experience leading an organization through ISO 27001 certification and surveillance audits end-to-end. 
• Strong working knowledge of ISO/IEC 27001:2022 (including Annex A controls), ISO 27002, ISO 27017, ISO 27018, and ISO 22301. 
• Solid understanding of security domains: IAM, network security, endpoint security, cloud security, application security (OWASP Top 10, API Security Top 10), and Active Directory attack paths. 
• Experience with risk assessment methodologies (ISO 27005, NIST 800-30) and the ability to translate offensive findings into business risk. 
• Strong report-writing, policy-drafting, and executive communication skills. 
• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience). 

Preferred Qualifications 

• Offensive security certifications: OSCP, OSEP, OSWE, OSED, CRTO, CRTP, CRTE, CRTL, GPEN, GXPN, GWAPT, or CEH Practical. 
• Governance certifications: ISO 27001 Lead Implementer and/or Lead Auditor, CISSP, CISM, CISA, or CRISC. 
• Cloud security certifications (CCSP, AWS Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer). 
• Published CVEs, security research, bug bounty achievements, or contributions to open-source security tools. 
• Experience with Active Directory / Entra ID red teaming, Kerberos attacks, and modern EDR/XDR evasion techniques. 
• Experience with container, Kubernetes, and serverless security testing. 
• Experience implementing or auditing additional frameworks: SOC 2 Type II, NIST CSF, NIST 800-53, HITRUST, or PCI-DSS. 
• Experience with GRC platforms (Vanta, Drata, Sprinto, ServiceNow GRC, Archer, OneTrust). 
• Experience in regulated industries: financial services, healthcare, SaaS, or critical infrastructure. 
• Experience briefing executive leadership, customers, and external auditors on offensive findings and remediation strategy. 

Now Hiring: Quality Analyst – BPO Operations | Location: Gurugram (Onsite)

Job Title: Quality Analyst

Work Location: Gurugram (Onsite)

Education:

• Minimum qualification: Graduate

Experience:

• 2 to 8 years of total work experience
• Minimum 2 years of experience as a Quality Analyst in a BPO (on paper) is mandatory

Key Responsibilities

• Evaluate live and recorded calls to ensure service quality standards
• Monitor and analyze: Team performance and team strength | Call duration and Average Handling Time (AHT)
• Provide structured and actionable feedback to agents
• Conduct regular call calibration sessions
• Maintain daily/weekly audit count logs
• Ensure adherence to quality frameworks and feedback mechanisms
• Perform DIP checks and maintain accuracy of quality reports
• Prepare quality analysis reports using basic Excel

Required Skills

• Excellent verbal communication in both Hindi and English
• Strong attention to detail and process orientation
• Working knowledge of Basic Excel
• Experience in call audits, feedback processes, and DIP checks

What You'll Do

• Responsible for achieving quarterly and annual sales quota
• Conducts sales needs analysis with new and prospective customers, including the development of client-centric product solutions.
• Generates leads with the support of SDRs by contacting prospective clients through cold reach outs, networking and industry events.
• Qualifies new leads and determines serviceability of prospects
• Understands the communication needs of enterprise customers, and designs solutions to meet those unique business needs.
• Designs develops and delivers sales proposals and presentations on product benefits.
• Maintains all sales databases necessary to report sales activity and customer information with the support of SDRs

What you should have

• 3-8 years experience in similar roles; Experience as Account Executive or Sales Development Representative at any technical product company is a big plus!
• Flawless communication skills, both written and oral, with extensive public speaking experience
• Demonstrated ability to work solo as well as being a productive team member, making outbound reach-outs every day
• Have a strong work ethic and are eager to learn and make new connections with prospects

Experience: 2 to 8 Years

Job Description

• Technical Skills requirement : JAVA, Multithreading, OOPS, Data Structure, Karaf.
• Total experience required should be around 2 to 8 years.

Job Description :

- Strong development skills in Java JDK 1.7 or above.

- Knowledge of Java 8 features and Multithreading is a must-have.

- Should have a strong acumen in Data Structures, Algorithms, problem-solving and LogicalAnalytical skills.

- Thorough understanding of OOPS concepts, Design principles and implementation of different type of Design patterns.

- Sound understanding of concepts like Exceptional handling, SerializationDeserialization and Immutability concepts, etc.

- Experience with Multithreading, Concurrent Package and Concurrent APIs Basic understanding of Java Memory Management (JMM) including garbage collections concepts.

- Experience in RDBMS or NO SQL databases and writing SQL queries (Joins, group by, aggregate functions, etc.)

• Strong knowledge of MERN stack (MongoDB, Express JS, React JS, Node JS, HTML5, CSS3, jQuery, Bootstrap, SASS)
• You will also need to interact with mysql databases.
• Develop user interfaces for modern rich internet applications with the latest front-end technologies
• Should have knowledge of of consuming and creating APIs
• Developing features to enhance the user experience.
• Should have excellent in-depth knowledge of Nodejs and MongoDB
• Hands-on experience working with Object-Oriented JavaScript (OOJS), JavaScript libraries, and their practical uses in building complex interactive experiences
• Building reusable code for future use

RESPONSIBILITIES:

• Developing app using Flutter for both Android & iOS platforms.
• Writing quality code independently that is simple, reliable, and scalable.
• Evaluating and implementing out-of-the-box ideas for application development.
• Working with the team to manage, optimize, and customize multiple applications.
• Detecting and troubleshooting application issues.

REQUIREMENTS:

• Must have 1+ years of experience in Flutter.Should have worked and successfully deployed apps using Flutter framework.
• Good knowledge of Flutter SDK & Dart programming language.
• Should have worked on mobile platforms like Android or iOS.
• Should have developed & worked with Flutter widgets for iOS & Android with any of the state management solutions like Bloc, Provider, Mobx, etc.
• Mobile app architecture design and optimization. Extreme attention to detail and the ability to match the design as closely as possible.
• Ability to work closely with Product Managers, other development team members.
• Understanding of Functional Reactive Programming is a must.
• Comfortable with Test-Driven Development.