4,071 Cybersecurity Analysts jobs in India

TRO – Vulnerability Assessment ~ Analyst (L2)

**Job Summary: ** We are looking for a dedicated and proactive Vulnerability Assessment Analyst I to join our cybersecurity team. In this role, you will be instrumental in identifying and assessing vulnerabilities across our IT infrastructure. Additionally, you will leverage basic coding skills to develop automation solutions that enhances overall workflow efficiency of vulnerability management processes.

**Key Responsibilities: ** - Conduct initial vulnerability scans and assessments on a range of systems, networks, and applications using industry-standard vulnerability assessment tools (e.g., Tenable, Nessus. Qualys) -

• Analyze vulnerability scans results to validate findings, identifying false positives, and aid in prioritizing vulnerabilities based on severity, potential impact, and risk to the organization, supporting effective remediation efforts. -
• Design and implement automation scripts to streamline key processes, including report generation, threat intelligence data ingestion, vulnerability data enrichment and triage. -
• Collaborate with senior team members to triage, document, and communicate vulnerabilities to the relevant stakeholders. -
• Support in the development and maintenance of standard operating procedures (SOPs) for vulnerability scanning and reporting processes. -
• Assist in creation of reports and dashboards to deliver insights into the organization's security posture, highlighting vulnerability trends and risk levels. -
• Communicate with cross-functional teams to coordinate and drive remediation efforts, ensuring timely resolution of vulnerabilities. -
• Stay up to date with the latest cybersecurity threats, trends, and emerging technologies in vulnerability management.

**Requirements: ** -

• Bachelor's degree in computer science, Cybersecurity, or related field (or equivalent experience). -
• Fundamental understanding of networking concepts and operating systems, including Windows and Linux, as well as familiarity with network devices, such as switches, routers, and firewalls. -
• Experience with vulnerability assessment tools (e.g., Tenable, Nessus, Qualys). - Familiarity with cybersecurity frameworks (e.g., NIST, CIS, ISO/IEC
• Basic programming/scripting skills (e.g., Python, PowerShell, Bash) to support automation tasks. -
• Strong analytical and problem-solving skills. -
• Ability to work both independently and collaboratively in a team-oriented environment. -
• Excellent written and verbal communication skills.

**Preferred Qualifications: **

• Relevant certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent is a plus.
• Hands-on experience in scripting and automation for cybersecurity tasks

Job Types: Full-time, Permanent

Pay: ₹1,200, ₹2,800,000.00 per year

Benefits:

• Health insurance

Application Question(s):

• What is your current CTC and expected CTC?

Experience:

• total work: 6 years (Required)

Location:

• Hyderabad, Telangana (Required)

Work Location: In person

Strong expertise in OWASP Top 10, NIST, and ISO 27001 frameworks.

Advanced knowledge of scripting languages (e.g., Python, Bash, PowerShell) for automation and tool development, with cloud security for platforms such as AWS, Azure, or Google Cloud.

We are hiring a hands-on Penetration Tester to lead and execute end-to-end security assessments across Web, Infrastructure, and Cloud environments. As the technical backbone of our lean and growing VAPT practice, you’ll work closely with the Security Lead and directly engage with clients to deliver meaningful, high-impact security outcomes.

Key Responsibilities:

• Perform manual and automated penetration testing across:
• Web Applications (based on OWASP Top 10)
• Infrastructure (external/internal IPs, firewall review, patch audits)
• Cloud Environments (basic Azure/AWS – IAM, Storage, Networking)
• Identify, exploit, and report on vulnerabilities such as SSRF, RCE, IDOR, LFI, and S3 bucket exposures
• Use tools such as Burp Suite , Nmap , SQLMap , Nikto , Nessus/OpenVAS
• Write high-quality, detailed technical reports with:
• Screenshots for PoCs
• Remediation guidance
• Risk severity scoring (preferably CVSSv3 )
• Collaborate with clients to explain findings and provide actionable recommendations
• Contribute to toolchain improvements and lightweight automation (Python/Bash preferred)

Requirements

• 3–6+ years of hands-on experience in at least 2 of the following areas :
• Web Application Penetration Testing (OWASP Top 10)
• Infrastructure VAPT (internal/external, firewall, patch validation)
• Basic Cloud VAPT (AWS or Azure: IAM, Storage, Networking)
• Proficiency in:
• Manual testing techniques , fuzzing, and exploitation
• Burp Suite (Community or Pro)
• Tools like Nmap, SQLMap, Nikto, Nessus/OpenVAS
• Strong understanding of common vulnerabilities and exploitation techniques

Preferred Certifications

• CEH , eJPT , OSCP (or strong portfolio/proof of hands-on skill)
• AZ-500 or AWS Security Specialty (for cloud security exposure)

Good to Have

• Familiarity with scripting for automation (Python, Bash)
• Exposure to CVSSv3 for vulnerability scoring
• Experience with Dradis , Excel-based reporting , or similar tools

Apt Resources is hiring for our client, a leading cybersecurity services firm, seeking an experienced Senior Consultant – VAPT to join their expert team. The ideal candidate will have deep expertise in infrastructure and application security assessments, penetration testing, and a solid understanding of modern security threats and countermeasures.

• Conduct black-box and grey-box vulnerability assessments and penetration tests on system/network/cloud environments.
• Map network infrastructure, discover ports/services, and audit OS, network, and security configurations.
• Use tools like NMap, Nessus, Metasploit, Kali Linux for exploiting vulnerabilities.
• Stay current with CVEs and threat intelligence relevant to supported technologies.
• Prepare and present detailed findings and mitigation plans to clients.
• Deliver cloud infrastructure security assessments and configuration audits.
• Create and deliver comprehensive, client-specific technical reports.

• Perform vulnerability assessments of Web, Mobile, and Thick-client applications based on OWASP standards.
• Combine automated scanning with manual testing techniques to detect flaws.

• Conduct phishing and spear-phishing simulations to assess end-user security awareness.

Requirements

• Bachelor's degree in Computer Science, IT, or a related field.
• 8–10 years of hands-on experience in VAPT.
• CEH certification is required.
• OSCP or CREST certifications are a plus.
• Experience working in an MSSP (Managed Security Services Provider) environment is preferred.
• Strong understanding of Windows, Unix/Linux systems, firewalls, VPNs, and security infrastructure.

• Expertise in tools like NMap, Metasploit, Kali Linux, Nessus, NetCat, HPing, Qualys, and RetinaCS.
• Strong understanding of CVE databases, exploit development, and countermeasures.
• Familiarity with scripting languages such as C++, C#, Perl, HTML, Shell, etc.
• Knowledge of firewalls, IPS, DNS security, VLAN, web filtering, and VPNs.
• Experience with cloud security assessment across major platforms (AWS, Azure, GCP).

• Strong communication, presentation, and documentation skills.
• Ability to work independently and lead security assessments across client environments.
• Willingness to travel overseas for project deployments.
• Exposure to RFP response preparation, solution architecture, and client-facing presentations.

Benefits

Salary: Up to INR 18 LPA

About the company

Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success.

Lexitas offers an array of services including local and national court reporting, medical record retrieval, process service, registered agent services and legal talent outsourcing. Our reach is truly national as well as international.

Lexitas is a MNC Company that has set up a subsidiary in Chennai, India – Lexitas India Pvt. Ltd. This Indian company will be the Lexitas Global Capability Center, helping build a world class IT development team, and over time serve as a Shared Services hub for several of the corporate functions.

For More Information -

This is a Full-Time Job located in Chennai, India.

Summary:

This position supports information security, privacy, risk and compliance programs and activities under the direction of the VP of Information Security or designated Information Security Manager. The position assists in developing and maintaining a comprehensive security program for Lexitas. Providing functional and technical support is important to maintain security posture and protection of electronically and physically stored information assets across our systems. Tasks include supporting design, implementation, configuration, documentation, and maintenance to mitigate risk to the business and its computing resources and assets, as well as collaborating with applicable providers, managing and monitoring tools, and facilitating applicable processes and procedures.

Key Roles and Responsibilities :

• Supports IT security, privacy, risk and compliance systems, processes, supporting activities, with the ability to lead activities and programs.
• Monitors computer networks and associated tools and provider services for security, privacy, risk and compliance issues
• Supports the project management, tracking, and documentation of Information, Privacy, Risk, and Compliance programs, processes, and activities
• Investigate security breaches and cybersecurity incidents.
• Documents security breaches and assesses impact.
• Performs and/or supports security tests, risk assessments, and audits to uncover network, application, and process vulnerabilities and provides guidance and training to ensure violations do not persist.
• Tracks and facilitates the mitigation of vulnerabilities to maintain a high security standard.
• Supports best practices for IT security, privacy and compliance.
• Performs and supports 3rd party vulnerability management and penetration testing.
• Research security enhancements and makes recommendations to management.
• Stays current on information technology trends and security standards.
• Prepares reports that detail security, privacy, and compliance risk assessment findings.
• Supports Security Operations Center functions including monitoring and supporting Incident Response activities.
• Supports all related IT Security, Privacy, Risk and Compliance policies and provides guidance to the business.
• Other Information Security, Privacy, Risk, and Compliance duties as required.

Skills and Abilities:

• Experience with computer network and application vulnerability management and penetration testing, and techniques.
• Solid understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts
• Ability to identify and mitigate network and application vulnerabilities.
• Good understanding of patch management
• Proficient with various OS
• Excellent written and verbal communication skills
• Knowledge of firewalls, antivirus, and intrusion detection system concepts
• Ability to support and document areas of Information Security, Privacy, Risk, and compliance processes and programs.
• Ability to support incident response process.
• Experience directing 3rd Party providers in the areas of Information Security, Privacy, Risk and Compliance
• Support information security controls including physical and data security protecting the confidentiality, integrity and availability of information systems data.
• Preferred KSA’s:
• Strong working knowledge and experience with primary Information Security, Privacy, Risk, and compliance standards and frameworks such as NIST, SOC 2, HIPAA, PCI DSS, GDPR, etc.
• Experience administering information security software and controls.
• Experience supporting process for managing network and application security.
• Network and system administration experience a plus.
• Good understanding of Standard Information Security Baseline Frameworks, Business Continuity, and Disaster Recovery protocols and best practices.
• Exposure to ITIL (Incident/Change Management) – ITIL v3F preferred.
• Learns and monitors the business processes for the areas of primary support responsibility.
• Support annual Security Baseline Audits and execution of recommendations.
• As part of the technology team, performs “Help Desk” day-to-day tasks in support of Information Security, Privacy, Risk, and Compliance.

Education and Experience:

• Bachelor’s degree in computer science or related field strongly preferred.
• IAT Level-2 technical certification strongly preferred (Comp TIA Security+ or CISSP) or ability to obtain within first 90 days of hire.
• 5+ years’ experience performing role of Information Security Analyst or SOC
• Demonstrated experience in responding to, managing, and resolving security incidents.
• Experience with LAN/WAN networking concepts, IP addressing and routing concepts, Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
• Experience with Windows/Linux/Unix operating systems, Information Security concepts, and best practices.
• Experience working with Security Information and Even Management (SIEM) system is a plus.

Cohesity is the leader in AI-powered data security. Over 13,600 enterprise customers, including over 85 of the Fortune 100 and nearly 70% of the Global 500, rely on Cohesity to strengthen their resilience while providing Gen AI insights into their vast amounts of data. Formed from the combination of Cohesity with Veritas' enterprise data protection business, the company's solutions secure and protect data on-premises, in the cloud, and at the edge. Backed by NVIDIA, IBM, HPE, Cisco, AWS, Google Cloud, and others, Cohesity is headquartered in Santa Clara, CA, with offices around the globe.

We've been named a Leader by multiple analyst firms and have been globally recognized for Innovation, Product Strength, and Simplicity in Design , and our culture.

Want to join the leader in AI-powered data security?
We are seeking a highly skilled Security Engineer with strong expertise in Endpoint Detection & Response (EDR/XDR) tools (e.g., CrowdStrike Falcon), Security Information and Event Management (SIEM) platforms (e.g., Splunk, Google SecOps/Chronicle), Cloud Security across AWS, Azure, and GCP. The ideal candidate will have Deep investigation skills and cloud threat detection capabilities, Proven experience as Incident Commander during critical incidents, awareness of recent threats and adversarial techniques, Ability to quickly understand complex environments, Strong business and interpersonal skills to manage risks and collaborate with cross-functional teams

How You'll Spend Your Time Here

• Serve as a senior escalation point for high-severity alerts and incidents across on-prem, endpoint, and cloud workloads
• Perform deep-dive investigations into complex threats such as Cloud-native attacks, Malware and ransomware, Insider threats, Advanced Persistent Threat (APT) campaigns
• Correlate telemetry from EDR/XDR, SIEM, CSPM, and threat intel sources to detect sophisticated threats
• Lead Major Incident Response as Incident Commander, coordinating SOC, IR, Cloud, and IT teams
• Drive containment, eradication, and recovery for both on-premises and cloud security incidents
• Deliver comprehensive post-incident reports with actionable remediation guidance
• Lead and participate in Blue/Red team exercises to improve detection logic and align with MITRE ATT&CK
• Mentor SOC analysts and junior engineers in advanced investigations and cloud IR
• Review and update SOPs, protocols, and capabilities to address emerging threats
• Develop metrics and scorecards to measure Organizational risk, SOC operational effectiveness and efficiency

*WE'D LOVE TO TALK TO YOU IF YOU HAVE MANY OF THE FOLLOWING: *

• EDR/XDR: Strong hands-on experience with CrowdStrike Falcon
• SIEM: Expertise in Splunk and/or Google SecOps (Chronicle)
• Cloud Security: Skilled in cloud monitoring (AWS, Azure, GCP) and incident handling
• Incident Response: Proven track record as Incident Commander handling multi-vector incidents
• OS Knowledge: Deep understanding of Windows and Linux internals
• DLP Tools: Proficiency with MS Defender, Zscaler
• CSPM Tools: Familiarity with Wiz, Qualys, AWS Security Hub, Azure Defender, GCP SCC
• SOAR Platforms: Experience with Splunk SOAR, Google Siemplify
• Scripting: Python, PowerShell, or similar for automation (preferred)

Data Privacy Notice For Job Candidates
For information on personal data processing, please see our Privacy Policy
.
**Equal Employment Opportunity Employer (EEOE)

Cohesity is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.

If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at COHESITY or

for assistance.
In-Office Expectations

Cohesity employees who are within a reasonable commute (e.g. within a forty-five (45) minute average travel time) work out of our core offices 2-3 days a week of their choosing.
Interested candidates based outside of the designated areas are welcome to apply, provided they have the right to work in the job location.

Role & responsibilities

• Should have Cybersecurity Audit experience , PCI DSS/ISO27k/SOC1/SOC2 or any other cybersecurity framework.
• Should have conducted cybersecurity risk assessment.
• Should be into security control architect.
• Must have implemented security controls projects.

Requirements:

• Conduct monthly, quarterly, semi-annual, and annual application, infrastructure, microservices, API and cloud security assessments.
• 3+ years experience in ERM, BIA, DR and BCP.
• 3+ years experience with vulnerability management, SIEM and Log Management, Antivirus/Anti- Malware, proxy servers, DLP, IPS/IDS, VPN, PKI, Multi-factor authentication, cryptography.
• Detailed understanding of common exploits and their defense (EOP, DoS/DDoS, Spoofing, Phishing, Rootkits, RATs, key logging, Zero Day, SQL Injection, XSS, CSRF).
• Excellent in security incident response and to countermeasure atacks.
• Knowledge in common operating system and architecture, Windows, Linux, MS SQL, MySQL, Oracle, networking, etc.
• Research, perform gap analysis, implement, and maintain security controls excellence across existing and new applications, mobile apps, microservices, infrastructure and network.
• Audit/assess security controls to satisfy PCI DSS.
• Define application security policies, procedures, and provide application security architecture best practices.
• Facilitate cyber security training based on the department, role, responsibility, and data access.
• Manage technical, operational, and administrative projects across the Enterprise.