232 Security Consulting jobs in Bengaluru

As the world’s leading vendor of Cyber Security, facing the most sophisticated threats and attacks, we’ve assembled a global team of the most driven, creative and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers’ real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base.

If you want to make the world a safer place – you belong with us.

Job Location - Bhubaneshwar / Bangalore / Delhi / Mumbai

Major Responsibilities

• Work as a designated Professional Services Consultant under the Check point India Services team
• Deliver on-site and remote consulting services (design, implementation, optimization, audit, pre-sales, training etc)
• Be the expert in the use of Check Point products and assist customers to see the best ROI from Check Point product an services
• Setup labs and validate the design, migration procedure as per the project requirements
• Review and break down technical workflow in accordance to the project timeline
• Timely and proactive communication with customers, internal stakeholders throughout the project life cycle
• Educate clients, partners on design, deployment and operation best practices in relation to specific business industry
• Technical writing and PowerPoint presentation creation based on the project needs
• Manage customer expectations in terms of projects schedule and delivery quality
• Manage multiple client engagements simultaneously
• Collaborate and work with Check point internal teams and partner relationships
• Keep accurate daily records of project billable and non-billable time

Desired Background

• 7-10 years of relevant experience
• Experience with IT network design, implementation, consulting on security products
• Strong exposure in Check point VSX, Provider-1, 61K Firewall and other network security products
• Exposure in customer facing roles – consulting and pre-sales
• Extensive troubleshooting skills
• Very strong in Linux and Unix based OS
• Willingness to learn new technologies, self-learner
• Good to have experience in providing trainings
• Experience with check point products deployment – advantage
• Check point CCSM certification – advantage

Educational Requirements

Bachelor of Engineering

Service Line

Strategic Technology Group

Responsibilities

This role focuses on our strategic clients who are embarking on digital initiatives. The roles require you to work closely with sales and delivery teams to drive solutions for large and complex programs, identify technology big bets, develop solution propositions around them, prototype and take them to market. This role requires to network and collaborate with CDO as well as Digital and business leaders of client organizations, develop viewpoints on industry and digital technology trends influencing enterprises.

Preferred Skills:

Technology->Java->Core Java->Java Socket Programming

Technology->Mobile Testing->Device Clouds->AWS Device Cloud

Technology->Infrastructure Security->Secure Mail Gateway->Forcepoint Email Security Gateway

• This role focuses on our strategic clients who are embarking on digital initiatives
• The roles require you to work closely with sales and delivery teams to drive solutions for large and complex programs identify technology big bets develop solution propositions around them prototype and take them to market
• This role requires to network and collaborate with CDO as well as Digital and business leaders of client organizations develop viewpoints on industry and digital technology trends influencing enterprises

Technology->Infrastructure Security->Virtualization Security->Kaspersky Security for Virtualization,Technology->Java->Core Java->Java Socket Programming,Technology->Cloud Security->AWS - Infrastructure Security->AWS WAF

Signzy is a digital trust system. We provide identification, background checks, forgery detection

and contract management systems which enable contracting in a trustable, safe, legal, and

convenient manner. Our biometric user authentication system and blockchain-based digital trail

ensure non-repudiation. This increases compliance and enforceability in the court of law. We

consist of a tech-savvy team and are backed by investors who are enthusiastic about creating

solutions with technology.

Working at Signzy

● At Signzy we breathe software and exploit the latest technologies to create the most

amazing products. We comprise a tech-savvy team and are backed by investors who are

enthusiastic about creating solutions using technology.

● Signzy is looking for an Security Engineer. If you think you have what it

takes to get the job done, this is an invitation to be a part of the future!

JD for Security Engineer-1 Role

Responsibilities:

Application Security

• Perform secure code reviews , threat modeling, and static/dynamic application security testing (SAST/DAST).
• Integrate and maintain automated scanning tools (e.G., Semgrep, Snyk, Trivy, Gitleaks) in CI/CD pipelines.
• Collaborate with developers to remediate vulnerabilities and embed security in SDLC.
• Guide on secure architecture patterns (authentication, authorization, data encryption, API security, mobile app protections like SSL pinning and mTLS).

Infrastructure & Cloud Security

• Harden cloud infrastructure (AWS/GCP/Azure), including IAM, VPC design, encryption, and network segmentation.
• Implement infrastructure-as-code security checks for Terraform, Helm, and Kubernetes deployments.
• Conduct internal and external penetration tests , configuration reviews, and vulnerability management for servers, containers, and endpoints.
• Support continuous monitoring (WAF, SIEM, EDR/MDM) and incident response

Security Assessments & Compliance

• Lead periodic security assessments : vulnerability assessments, penetration testing, firewall rule reviews, user-access audits, and network segmentation reviews.
• Document findings, track remediation, and provide risk-based recommendations.
• Assist with evidence gathering for ISO 27001, SOC 2, PCI-DSS, GDPR, and internal security audits.

Continuous Improvement

• Research emerging threats (e.G., supply-chain attacks, npm/package ecosystem risks) and recommend mitigations.
• Contribute to security runbooks, policies, and developer awareness sessions.

Qualification

Must Have

• 2–4 years of experience in application or infrastructure security engineering.
• Strong understanding of web/mobile security, OWASP Top 10, cloud security fundamentals, and Linux/Unix systems.
• Hands-on experience with CI/CD pipelines and common security tools (SAST, DAST, container scanners, SIEM/EDR).
• Hands-on with SAST/DAST tools (e.G., Burp Suite, OWASP ZAP, Semgrep, Fortify)
• Knowledge of network & OS hardening (Linux, cloud workloads).
• Experience with internal and external penetration testing methodologies.
• Familiarity with common tools: Nmap, Metasploit etc.,
• Hands on experience with Mobile application security testing (Android and iOS)
• Familiarity with threat modeling frameworks (STRIDE, MITRE ATT&CK) and SBOM management.
• Scripting or programming skills (Python, Go, Bash) for automation and custom tooling.
• Should have fundamental knowledge of cloud environments
• Security-first mindset with curiosity and analytical thinking.
• Ability to review firewall rules, ACLs, and security groups for least-privilege.
• Understanding of network segmentation and zero-trust principles.
• Ability to translate complex vulnerabilities into actionable, developer-friendly guidance.
• Collaborative approach to working with engineering, DevOps, and compliance teams.
• Strong reporting & documentation skills (writing assessment reports).
• Knowledge of security standards (ISO 27001, NIST 800-53, CIS Benchmarks).

Good to Have

• Container & K8s Security : Familiarity with Trivy, Falco, Kubescape, Kyverno.
• IaC Security : Experience with Terraform/CloudFormation scanning (Checkov, Tfsec).
• DevSecOps Integration: Embedding security tests into CI/CD (GitLab, GitHub Actions, Jenkins).
• Advanced API Security : Hands-on with API gateways (Kong, Apigee, AWS API Gateway) and WAF tuning.
• Cloud-Native Security : Experience with GuardDuty, Security Hub, AWS Config, GCP SCC.
• Emerging Areas : AI/ML model security.
• Certifications (good-to-have, not must) : OSCP or Cloud Security certs (AWS Security Specialty).

JOB DESCRIPTION :

Position : Senior VAPT Consultant

Experience : 8+ years

Loc : Bengaluru

CTC : 35 % Hike on current CTC

Job type : Fulltime(Onsite)

Job Description

We are seeking an experienced and highly skilled Senior VAPT Consultant with 8+ years of hands-on experience in offensive security. The ideal candidate will possess deep technical expertise in assessing and securing complex enterprise environments, including Active Directory, web applications, networks, cloud infrastructures, APIs, and advanced adversarial simulation. This role demands a strong ability to lead engagements, mentor junior consultants, deliver high-quality technical reports, and interface with clients to provide both tactical and strategic security recommendations.

Key Responsibilities:

· Lead and conduct end-to-end penetration testing engagements across web applications, mobile apps, APIs, networks, WiFi, Active Directory, and cloud platforms (AWS, Azure, GCP).

· Execute red team and adversary simulation exercises, including phishing, lateral movement, persistence, and data exfiltration scenarios.

· Perform advanced Active Directory exploitation (on-prem, Azure AD, hybrid environments) including Kerberoasting, unconstrained delegation, golden/silver tickets, and modern AD attack chains.

· Assess and exploit cloud-native vulnerabilities, IAM misconfigurations, container/Kubernetes environments, and serverless workloads.

· Conduct wireless/WiFi pentesting (WEP/WPA/WPA2/WPA3 attacks, rogue AP, evil twin).

· Perform basic to intermediate reverse engineering and exploit development for binaries, scripts, and mobile apps.

· Utilize frameworks and tools such as Burp Suite Pro, ZAP, Caido, Metasploit, Havoc/Mythic/Sliver C2, BloodHound, Mimikatz, Impacket, and custom scripts/exploits.

· Draft and review detailed penetration testing reports, Statements of Work (SoW), Rules of Engagement (RoE), and executive presentations.

· Mentor and guide junior consultants, providing technical leadership, peer review, and training.

· Work closely with clients to communicate findings, risk implications, remediation strategies, and overall security posture improvements.

Requirements

· 8+ years of proven experience in vulnerability assessment, penetration testing, and red team operations.

· Strong expertise in Active Directory exploitation and defenses (on-prem, hybrid, Azure AD).

· Advanced skills in web application, API, and network penetration testing.

· Proficiency in cloud penetration testing (AWS, Azure, GCP) including IAM, storage, networking, and serverless security.

· Strong understanding of exploit development, reverse engineering, and evasion techniques.

· Proficiency with industry-standard tools and custom exploit/script development.

· Solid knowledge of enterprise security technologies (SIEM, SOAR, Firewalls, IDS/IPS, AV/EDR/XDR).

· Strong technical writing and client-facing communication skills, including report drafting and delivery.

· Experience in leading teams, reviewing deliverables, and mentoring junior consultants.

Preferred Qualifications

· Offensive security certifications such as OSCP, OSEP, OSED, OSWE, OSEE, CRTP, CRTE, CREST, GXPN, or equivalent .

· Experience in IoT, hardware, and automotive penetration testing .

· Prior experience in adversary emulation and purple team exercises .

· Familiarity with DevSecOps pipelines and Secure SDLC integration .

Req ID:

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Business Consulting-Cloud Security Consultant (Azure) to join our team in Bangalore, Karnātaka (IN-KA), India (IN).

Position Overview

The Cloud Security Engineer (Azure) is responsible for securing the organization's Microsoft Azure cloud environments by designing, implementing, and maintaining advanced security solutions. This role ensures Azure workloads, applications, and data are protected against evolving threats while maintaining compliance with security standards and regulatory requirements.

Key Responsibilities

• Design and implement security controls for Azure services including Azure Active Directory (AAD), Key Vault, Defender for Cloud, and Sentinel.
• Configure and manage Azure-native security tools (e.g., Microsoft Defender for Endpoint, Microsoft Purview, Azure Firewall, Application Gateway, Security Center).
• Develop and enforce Azure-specific security policies, RBAC, conditional access, and identity governance.
• Implement and manage security monitoring, logging, and incident detection using Azure Sentinel (SIEM/SOAR).
• Conduct vulnerability assessments and remediate misconfigurations across Azure environments.
• Automate Azure security processes using PowerShell, Azure CLI, and Infrastructure-as-Code tools (Terraform, ARM templates, Bicep).
• Partner with DevOps teams to integrate security into CI/CD pipelines (Azure DevOps, GitHub Actions).
• Perform risk assessments, threat modeling, and compliance checks (NIST, CIS, ISO 27001, GDPR, etc.).
• Support incident response activities related to Azure cloud environments.
• Stay up to date with Azure security features, threat intelligence, and best practices.

Qualifications

Education:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent work experience).

Experience:

• 3-5 years of experience in cloud security, with at least 2+ years hands-on in Microsoft Azure.
• Strong knowledge of Azure networking, IAM, encryption, and security services.
• Experience with Azure Sentinel, Microsoft Defender, and Microsoft Entra ID (Azure AD).
• Familiarity with container security (AKS/Kubernetes) and hybrid cloud environments.

Certifications (preferred):

• Microsoft Certified: Azure Security Engineer Associate (SC-100/SC-200/SC-300)
• Microsoft Certified: Cybersecurity Architect Expert
• CISSP, CCSP, or similar certifications are a plus

Skills & Competencies:

• Strong understanding of Azure security frameworks (CIS Azure Benchmarks, Zero Trust, NIST).
• Proficiency with scripting and automation (PowerShell, Python, Azure CLI).
• Excellent analytical, troubleshooting, and problem-solving skills.
• Strong communication skills to work with technical and business stakeholders.

Work Environment

• Hybrid
• May require on-call rotation for high-severity cloud security incidents.

About NTT DATA

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client's needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use and email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form,

NTT DATA endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here. If you'd like more information on your EEO rights under the law, please click here. For Pay Transparency information, please click here.

Meet the team:

Cisco is seeking a Technical Consulting Engineer in Customer Delivery, specializing in the security domain, to join a team of the industrys brightest minds developing and implementing advanced Internet security technologies. In this role, you will gain deep insight into the inner workings of Ciscos security products, particularly ISE, and collaborate closely with all elements of the service chain to deliver end-to-end secure solutions.

The ideal candidate demonstrates a strong proficiency and a passion for mastering security technologies, evidenced by an ability to build upon foundational networking knowledge. As a member of the CX Support Services team, you will have the opportunity to support some of our largest customers in securing their networks, address complex service requests related to identity management and policy enforcement, and drive in-house automation and innovation projects designed to elevate the security posture of our clients environments.

Your Impact:

• Collaborates with global customers and cross-functional Cisco teams to resolve complex technical challenges and drive product improvements within the security domain, with emphasis on Identity Services Engine (ISE).
• Expertly diagnoses and resolves product and network issues of moderate to high complexity, leveraging advanced troubleshooting techniques and in-depth knowledge of security protocols.
• Utilizes comprehensive knowledge bases, sophisticated debugging tools, and robust lab simulations to analyze technical incidents and deliver effective solutions, consistently achieving high levels of customer satisfaction.
• Keeps up-to-date with the emerging technology trends/products to deliver high-quality support to customers
• Partners closely with development teams to enhance product serviceability, providing actionable feedback and guidance based on real-world customer experiences.
• Supports and mentors team members on intricate product-related issues, offering leadership and expertise to foster technical excellence across the organization.

Minimum Qualification

• Bachelors or Masters degree in engineering
• A minimum of 5+ years of experience with Security Technologies preferably Cisco
• A minimum of 4+ years of experience in a Support environment with proven
• Troubleshooting experience in sophisticated environments
• Cisco Security Certifications (CCNA Security, CCNP Security, CCIE Security) would be an added advantage
• Linux, and VMware knowledge would be a plus

Preferred Qualifications:

• Should have technical knowledge/experience of Working on features like NAT, ALG, HA, IDS/IPS Or working on AAA technologies like RADIUS, TACACS, DOT1X Or working on VPN technologies like IKEv1, IKEv2, PKI, SSL VPN, NHRP, GRE over IPsec, Remote Access VPN Clients etc
• Good understanding of Cisco ISE architecture and policies along with R&S concepts
• Good understanding of networking fundamentals ( Routing/Switching/Security)
• Deep understanding of OSI model & protocols like ARP, TCP, IP, DHCP, DNS, IPSEC, ISAKMP
• Working knowledge of Wireshark & programming languages like Python
• Experience in working in a Customer support environment with excellent customer handling skills
• Logical problem-solving approach and analytical skills

Role & respon

JOB DESCRIPTION

ROLE & RESPONSIBILTY:

Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls.

• Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments.
• Evaluate and interpret assessment results to identify potential vulnerabilities and risks, and provide actionable recommendations for risk mitigation.
• Stay up-to-date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments.
• Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders.
• Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies.
• Mentor and support junior team members to foster their professional growth and skills in cyber risk assessments.

REQUIREMENTS:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or related fields.
• A minimum of 5+ years of hands-on experience in conducting cyber risk assessments and related security assessments.
• Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/2000 LI/LA or equivalent are highly valued.
• Profound knowledge of cybersecurity frameworks, industry standards, and best practices.
• Proficiency in using various security assessment and techniques.
• Strong analytical and problem-solving skills, with the ability to think critically and strategically.
• Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences.
• Demonstrated experience in project management and handling multiple assessments simultaneously.
• A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development.
• Network Security, infrastructure assessment and network architecture design review.
• Conceptual knowledge of OT Security/ISA 62443 standard is preferable.

SELECTION PROCESS o Candidates should expect 2 - 3 rounds of personal or telephonic interviews to assess fitment and communication skills

CRITERIA o Education 60% above throughout academics

• One 3 years (at least) regular course is must either Diploma or Graduation o Course: B.E. / B. Tech / MCA / M. Tech / MBA degree or equivalent
• Certification: CISM / CISSP / CCSP / CISA / CRISC / ITIL / ISO 27001/22301/2000 LI/LA (At least one)
• CCNA (Mandatory), CCNP or equivalent(optional).

COMPENSATION

O Compensation is competitive with industry standards

• Details of the compensation breakup will be shared with short-listed candidates only

WORK TIMING: Monday to Friday

WORK LOCATION: Bangalore (5 days Work from Office)

PEOPLE BENEFITS o Continuous learning program

• Driving a culture of recognition through ENCORE' our quarterly rewards and recognition program o Comprehensive medical insurance coverage for staff and family o Expansive general and accidental coverage for staff
• Executive Health check-up (Manager & above, and for staff above the age of 30) o Les Concierge desks o Internal & Global mobility o Various other people friendly initiatives
• Strong commitment to our Values such as CSR initiatives

The opportunity is now If you are interested in being part of a dynamic team, serving clients and reaching your full potential – KPMG Advisory Services is for you sibilates

Preferred candidate profile

Job Title: OT Security Consultant Risk Assessment Specialist

Location: Bangalore

Employment Type: Full-time

Experience: 4 to 8 years

Job Summary:

We are seeking an experienced OT Security Consultant to support our clients in strengthening the security posture of their Operational Technology (OT) environments. The ideal candidate will be responsible for conducting OT risk assessments, identifying and prioritizing risks based on impact and likelihood, and recommending actionable mitigations and controls. A strong grasp of the ISA/IEC 62443 standard, coupled with hands-on experience in IT-OT network security and industrial control systems, is essential.

Key Responsibilities:

• Conduct comprehensive OT risk assessments across industrial environments, identifying key risk and potential impact.
• Assess and prioritize risks based on impact, likelihood, and business context.
• Perform IT-OT network security assessments, including architecture reviews, segmentation analysis, and traffic flow evaluations.
• Good Understanding of OT infrastructure such as PLC, DCS, MES, SCADA etc., network infrastructure elements, topology, configuration and data flow architecture.
• Experienced in IT-OT network security assessment, Network solution design, implement (Network architecture/ switches/ routers/ firewalls/ DMZ/AD etc ) for manufacturing environments.
• Align assessment methodologies with ISA/IEC 62443,NIST standards and best practices.
• Deliver detailed assessment reports and risk matrices, including practical remediation recommendations.
• Collaborate with client stakeholders including engineering, operations, and cybersecurity teams.
• Provide guidance on secure network design, hardening of ICS components, and secure integration of IT/OT systems.

Required Qualifications:

• Bachelor's or Master's degree in Cybersecurity, Engineering, Computer Science, or a related field.
• 4 to 8 years of experience in OT cybersecurity or ICS/SCADA environments.
• In-depth knowledge of ISA/IEC 62443, NIST and risk assessment frameworks.
• Hands-on experience with OT systems including PLCs, SCADA, DCS, HMIs, and Historian technologies.
• Strong understanding of industrial network protocols (Modbus, OPC, DNP3, etc.) and security principles.
• Familiarity with NIST CSF, NERC CIP, or ISO/IEC 27001 is a plus.

Preferred Certifications:

• ISA/IEC 62443 Cybersecurity Certifications
• GICSP (Global Industrial Cyber Security Professional)
• CCNA, PCNSA

Soft Skills:

• Strong analytical, problem-solving, and communication skills.
• Ability to work independently and lead client engagements.
• Excellent written skills for reporting and documentation.