259 Security Testing jobs in Hyderabad

Role Overview

As VP/AVP – Offensive security services, you will provide strategic and technical leadership for NopalCyber’s Offensive Security practice. You will lead and evolve core services such as Penetration Testing, Red Teaming, Application Security Assessments, BAS, AI Security and Threat Simulation. This role requires deep technical expertise, engagement leadership, and the ability to influence C-level clients while driving operational excellence across service delivery.

You will be accountable for the scaling, maturity, and quality of offensive security services across multiple client environments, and responsible for shaping the offensive security roadmap, delivery methodologies, and team capability development.

Key Responsibilities

Own and lead the Offensive Security & VAPT function, including service line P&L, strategic delivery roadmap, team management, and client satisfaction.

Architect and oversee enterprise-scale VAPT and red team engagements, driving delivery excellence across infrastructure, applications, APIs, mobile, and cloud environments.

Engage directly with senior client stakeholders (CISOs, CTOs, Risk Leaders) to translate business risk into actionable technical assessments and recommend mitigation strategies.

Define testing frameworks and reusable methodologies to standardize and elevate delivery across projects, including red teaming, threat emulation, and advanced attack simulations.

Direct a high-performing offensive security team, including Red Teamers, AppSec specialists, and security testers, ensuring their continuous development and engagement.

Lead strategic threat modeling and secure design reviews in collaboration with clients' architecture and engineering teams, integrating security into early lifecycle stages.

Govern quality of deliverables, including technical findings, risk summaries, and executive-ready reports, ensuring alignment with business impact and remediation feasibility.

Drive operational excellence across testing engagements, ensuring timelines, SLAs, and KPIs (e.G., MTTR, false positive rate, TTP coverage) are consistently met or exceeded.

Spearhead R&D initiatives to evaluate emerging threats, tools, and offensive capabilities relevant to client environments and evolving attack surfaces.

Collaborate with cross-functional internal teams (MXDR, GRC, Incident Response, Product) to align offensive security outputs with broader risk and advisory services.

Represent NopalCyber at industry forums, client executive reviews, and security advisory boards as a trusted expert in offensive cybersecurity.

Required Qualifications

Bachelor's degree in Engineering, Computer Science, or a related field;
a Master’s is preferred.

15–18 years of experience in cybersecurity with at least 5 years in leadership roles across VAPT, Red Team, or Application Security domains.

Demonstrated experience managing technical delivery and strategic outcomes for multiple clients or large-scale programs.

Preferred Certifications

Mandatory: OSCP, CEH

Highly Desirable: OSCE, OSWE, GPEN, GWAPT, GCIH, GXPN, CISSP

Desired Skills

In-depth understanding of modern attack vectors, OWASP Top 10, MITRE ATT&CK, and real-world exploitation techniques.

Strong command of tools such as Burp Suite Pro, Cobalt Strike, Metasploit, Nmap, Kali Linux, AppDetective, and WebInspect.

Proficiency in cloud security testing across AWS, Azure, or GCP;
experience with containerized and microservices-based environments.

Hands-on exposure to reviewing or attacking applications built using C++, Java, Python, Go, JavaScript, and working within Kubernetes or CI/CD pipelines.

Capability to present complex technical findings in clear, business-relevant language to executive stakeholders.

Leadership Attributes

Strategic thinker with a track record of scaling cybersecurity programs or service lines.

Proven ability to lead, mentor, and retain high-performing technical teams.

Exceptional client engagement and communication skills.

Ability to influence and collaborate across teams and functions to drive security outcomes.

#PenetrationTesting #RedTeamOperations #ApplicationSecurity #OffensiveSecurity #CybersecurityLeadership #CloudSecurity #ThreatModeling #OWASP #StakeholderManagement

#OSCP #MITREATTACK

| About us:

Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians. Our platform is designed to foster healthier food choices, drive lasting behavior change, and deliver long-term health outcomes. Through our highly personalized, digital platform, we guide our 2.2 million members—including those in employer-sponsored health plans, regional and national Medicaid managed care organizations, Medicare Advantage plans, and commercial insurers—on a tailored journey to eating well while saving time and money.

Foodsmart seamlessly integrates dietary assessments and nutrition counseling with online food ordering and cost-effective meal planning for the entire family, optimizing ingredients both at home and on the go. We partner with national and regional retailers across the U.S., many of whom accept SNAP/EBT, making healthier food more accessible. Additionally, we assist members with SNAP enrollment and management, providing tangible access to nutritious food. In 2024, Foodsmart secured a $200 million investment from TPG's Rise Fund, which supports entrepreneurs dedicated to achieving the United Nations' Sustainable Development Goals. This investment will help us expand our reach, particularly to low-income workers who are disproportionately affected by diet-related diseases.

At Foodsmart, our mission is to make nutritious food accessible and affordable for everyone, regardless of economic status. We are committed to a set of core values that shape our culture and work environment:

Measured: We make data-driven, truth-seeking decisions.

Impactful: We are fueled by achieving our mission and vision.

Collaborative: We help each other be better and create a positive environment.

Hungry: We maintain a healthy growth mindset, seeking to overcome challenges with courage.

Joyful: We take joy in each other, our work, and the privilege of doing this work.

Whether you're a dietitian, a commercial leader, or a technologist, working at Foodsmart means being part of a team that is passionate, supportive, and driven by a shared purpose. Join us in transforming the way people access and enjoy healthy food.

| About the role:

We are seeking a Sr. Detection & Response Engineer to support and enhance our ability to monitor, detect, and respond to security threats across the organization. This role is focused on hands-on technical execution and will play a critical part in safeguarding Foodsmart's systems, data, employees, and customers.

The ideal candidate will have strong foundational knowledge of Sr. Detection & Response Engineer, be comfortable working with modern security tools and platforms, and demonstrate a proactive approach to automation and process improvement. You will work alongside our security and engineering teams to ensure we maintain a robust and responsive security posture.

You will:

• Participate in the team's on-call rotation to conduct real-time monitoring of security events across Foodsmart's infrastructure using SIEM tools.
• Continuously improve threat detection capabilities by fine-tuning alerts, building correlation rules, and integrating new data sources into monitoring systems.
• Act as the first line of defense during active incidents, lead containment, eradication, recovery efforts, and conduct root cause analysis.
• Administer and configure security tools including EDR, SASE, DLP, and SIEM
• Conduct periodic risk assessments on infrastructure, SaaS applications, endpoints, and third party integrations to identify gaps in security posture.
• Implement vulnerability management processes to ensure timely remediation of identified risks.
• Develop playbooks for common attack scenarios to ensure rapid response during incidents.
• Automate repetitive tasks by writing scripts workflow automation (e.g., Python)
• Partner with DevOps teams to enhance CI/CD pipeline security and enforce secure configurations for infrastructure-as-code (IaC).
• Work closely with IT teams to secure endpoints for remote employees and enforce strong identity access management policies (e.g., SSO, MFA)
• Support compliance initiatives (e.g., ISO27001, HIPAA, HITRUST CSF)

You have:

• At least 5+ years of experience in information security, IT, and engineering roles with a proven track record of safeguarding critical systems in fast-paced environments.
• Hands-on experience with security tools including but not limited to SIEM platforms, SASE, Email Gateways, Browser Isolation, EDR/XDR solutions.
• Background as an incident response lead and detection engineer to support incident response function.
• Experience managing application and cloud security vulnerability and configuration management programs (e.g., CSPM, ASPM)
• Familiarity with scripting (e.g., Python) and no-code tools for workflow automation (e.g., Okta Workflows, Zapier).
• Knowledge of best practices in cloud based architecture (e.g., AWS, GCP)

Job Title: Senior Manager – VAPT (OSCP Certified)

Location: Any Metro City in India (Hybrid) – Mumbai / Bangalore / Delhi / Chennai / Hyderabad

Travel Requirement: Frequent travel to Japan (as per project requirement)

Experience: 7+ years

Certification: Mandatory – OSCP

We are seeking a highly skilled and experienced Senior Manager – Vulnerability Assessment and Penetration Testing (VAPT) professional to lead and deliver advanced security assessments for our clients.

The ideal candidate will possess deep technical expertise in offensive security, team leadership experience, and a strong understanding of global cybersecurity frameworks.

The role requires collaboration with international teams and client stakeholders, with periodic travel to Japan.

As a Senior Manager – VAPT, you will be responsible for leading and executing comprehensive Vulnerability Assessment and Penetration Testing (VAPT) engagements across web, mobile, network, cloud, and infrastructure environments.

You will manage and mentor a team of security consultants to ensure high-quality project delivery.

You will develop customized testing methodologies aligned with client environments and industry standards (OWASP, PTES, NIST, ISO 27001).

You will prepare and present detailed technical reports, risk assessments, and remediation strategies to both technical and business audiences.

You will coordinate with Japanese and Indian client stakeholders, ensuring smooth communication, delivery, and compliance with project timelines.

You will stay updated with emerging threat vectors, exploits, and mitigation techniques.

You will drive automation and process improvements in security testing and reporting.

">
• Lead and execute comprehensive VAPT engagements across web, mobile, network, cloud, and infrastructure environments.
">
• Manage and mentor a team of security consultants to ensure high-quality project delivery.
">
• Develop customized testing methodologies aligned with client environments and industry standards (OWASP, PTES, NIST, ISO 27001).
">
• Prepare and present detailed technical reports, risk assessments, and remediation strategies to both technical and business audiences.
">
• Coordinate with Japanese and Indian client stakeholders, ensuring smooth communication, delivery, and compliance with project timelines.
">
• Stay updated with emerging threat vectors, exploits, and mitigation techniques.
">
• Drive automation and process improvements in security testing and reporting.
">

">
• Minimum 7 years of hands-on experience in VAPT, Red Teaming, and Offensive Security.
">
• Mandatory certification: OSCP (Offensive Security Certified Professional).
">
• Strong knowledge of exploit development, threat modeling, and post-exploitation techniques.
">
• Proficiency in tools such as Burp Suite, Metasploit, Nmap, Nessus, Qualys, Wireshark, and other manual testing tools.
">
• Solid understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS 25).
">
• Experience working with cloud platforms (AWS, Azure, GCP) and modern DevSecOps environments.
">
• Excellent communication and presentation skills for client interactions and reporting.
">
• Ability to work independently in hybrid and multicultural environments.
">
• Prior experience engaging with Japanese clients or willingness to travel and adapt to cross-cultural settings.
">

">
• Additional certifications such as OSCE, CRTP, CEH (Practical), CREST, GPEN, or GWAPT.
">
• Exposure to IoT/OT security, API testing, or threat hunting.
">
• Experience in managing offshore and onsite delivery teams.
">

Vulnerability Assessment and Penetration Testing (VAPT)

Senior Manager

Advanced Security Assessments

Exp : 10+ years

Location : Hyderabad

Responsibilities

· Design, develop, and implement cloud security architectures and solutions for cloud environments.

· Identify major platform/solution deficiencies and define/craft pragmatic approaches on how to remediate them at scale.

· Ensuring that platforms/solutions are securely implemented as per defined policies, standards and industry best practices.

· Master consistent security practices, Zero Trust principles, centralized management, and cloud security best practices, while staying current with the latest security standards, systems, and cloud advancements.

· Document implementations comprehensively through technical documentation and run books.

· Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams.

· Utilize Cloud Access Security Broker (CASB) solutions to enhance visibility and control over cloud applications.

· Deploy cloud workload protection strategies to safeguard cloud applications and services.

Desired Qualifications :

· 3 to 9 years of experience in designing & hands-on implementing secure cloud environment for large scale enterprise.

· Hands-on experience with cloud-native security services and multi-tenant environments.

· Experience with security tools and technologies relevant to cloud environments, including cloud workload protection, CASB, and CNAPP.

· Hands on experience in working with CWM , CWPP , CSPM,

· Excellent communication and collaboration abilities.

· Strong analytical and problem-solving skills.

Job Title: SME-Network Security (Cisco / Palo Alto / Meraki / Aruba / Fortinet / Sophos)

Company: SHI | LOCUZ

Location: Hyderabad

Experience: 8+ Years

Work Mode: On-site | 24x7 Support (Rotational Shifts)

Level: L3 – Managed Services

Job Description:

We are hiring a Senior Network Engineer (L3) to join our growing team at SHI | LOCUZ. This is a high-impact role responsible for designing, implementing, managing, and troubleshooting complex network infrastructures within a Managed Services environment.

Key Responsibilities:

• Design and deploy scalable and secure network solutions
• Install, configure, and support enterprise-level network hardware/software
• Monitor, troubleshoot, and optimize network performance (L3 level support)
• Ensure network availability and security for mission-critical systems
• Work closely with L1/L2 support teams and coordinate with OEM/vendor support
• Maintain documentation for all network changes and configurations
• Collaborate with internal IT and security teams
• Stay up to date with the latest networking technologies and best practices

Technical Skills Required (at least two L3 level):

• Cisco Security / Cisco Meraki
• Palo Alto
• Aruba
• Sophos
• Fortinet
• Juniper / Mist (preferred)

Must-Have:

• Minimum 8 years of relevant experience in network engineering
• Hands-on experience in a Managed Services environment
• Strong analytical and troubleshooting skills
• Willingness to work in 24x7 support shifts
• Excellent communication and coordination skills

Preferred Certifications:

(CCNP, PCNSE, NSE, Fortinet, Aruba Certified, or similar)

Why Join Us?

• Work with cutting-edge technologies
• Be part of a growing team delivering enterprise-grade solutions
• Opportunity for growth in a dynamic and supportive work environment

Apply Now if you're ready to take your networking career to the next level!

Role Overview

Work location - Saudi (Riyadh)

We are seeking a highly skilled Cybersecurity compliance engineer to design, develop, and

implement a comprehensive Cybersecurity Program across three entities operating and

maintaining power generation and desalination plants. The role requires ensuring

compliance with Saudi Arabian cybersecurity frameworks for both IT and OT environments,

including NCA Essential Cybersecurity Controls (ECC), Operational Technology

Cybersecurity Controls (OTCC), and other relevant regulations.

Key Responsibilities

● Conduct site assessments for IT and OT systems across all three entities.

● Design and implement a Cybersecurity Program aligned with KSA national frameworks

(NCA ECC, OTCC).

● Develop policies, procedures, and governance structures for cybersecurity compliance.

● Perform risk assessments, vulnerability analysis, and penetration testing for IT and OT

systems.

● Implement incident response plans, disaster recovery strategies, and business

continuity measures.

● Ensure secure integration of IT and OT systems, including SCADA, ICS, and critical

infrastructure.

● Provide training and awareness programs for staff on cybersecurity best practices.

● Prepare compliance reports and liaise with regulatory authorities as required.

Travel Requirement

Travel to three operational entities within Saudi Arabia.

Preferred Skills

● Experience with Saudi regulatory compliance and critical national

infrastructure security .

● Ability to develop cybersecurity roadmaps and maturity models .

● Knowledge of cloud security and third-party risk management .

Required Qualifications & Skills

● Education: Bachelor’s degree in Computer Science, Information Security, or related

field (Master’s preferred).

● Certifications: CISSP, CISM, GICSP, or equivalent.

● Experience:

o Minimum 7+ years in cybersecurity, with at least 3 years in OT security for

critical infrastructure.

o Proven experience in energy, utilities, or industrial control systems .

● Technical Expertise:

o Knowledge of NCA ECC , OTCC Cybersecurity Framework .

o Strong understanding of ICS/SCADA security , network segmentation, and

industrial protocols.

o Familiarity with SIEM tools, firewalls, IDS/IPS, and endpoint protection .

● Soft Skills: Strong communication, stakeholder management, and ability to work

across multiple sites.

Greetings from TCS!

Role: Network security engineer

Experience: 10+years

Location: Bangalore Hyderabad Chennai Mumbai Indore

***Drive date: 9-Oct-2025***

Keywords:Palo Alto Firewall, Panorama, F5 LTM Load Balancer and GTM, Infoblox

Job Description:

1. Should offer end to end IT infrastructure and Network Administration Network Security)
2. Should be dealing with fault-ticket (Service-Now), in co-ordination with Customer, application team or device vendor to resolve issues
3. Should be dealing with various vendors & troubleshooting of various Network security related issues.
4. Technical Support and Fault Management/troubleshooting for Network firewall and Load balancer issue.
5. Configuration of firewall rules to allow or deny access as per the user/application requirement.
6. Strong knowledge on leveraging advanced firewalls features like APP-ID, User-ID, Global Protect, Wild Fire, NAT policies and Security Profiles.
7. Profound working knowledge of administration and management of Palo Alto firewalls using centralized Panorama and PAN-OS upgradation.
8. Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATS, HA on F5 BIGIP appliances SSL termination and initiation.
9. Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates offloading.
10. Working experience on iRules, policy and Big-IP F5 on LTM and GTM load balancers like GHA creation to provide uninterrupted service to customers/Application.
11. Working experience on code upgrades of virtual and physical F5 LTM and GTM devices for feature and performance improvement and to mitigate security risk.
12. Supported Infoblox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4) for the enterprise network.
13. Worked on creating and maintaining new subnets, host with several record entries like CNAME, PTR, A, etc) with DHCP scopes using Graphical User Interface.
14. In depth Knowledge on ITIL processes like Incident management, Problem Management, Configuration management and Change Management processes.
15. Candidate should have been in a customer facing role with excellent communication skills.
16. Strong technical knowledge and eagerness to learn new technologies

Thanks & Regards

Sindhuja Polisetty

HR TAG – Cyber Security

Tata Consultancy Services