15 Vulnerability Scanners jobs in India

Bring more to life.
Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics, and biotechnology?
At Cytiva, one of Danaher's ( 15+ operating companies, our work saves lives-and we're all united by a shared commitment to innovate for tangible impact.
You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact - innovating at the speed of life.
Working at Cytiva means being at the forefront of providing new solutions to transform human health. Our incredible customers undertake life-saving activities ranging from fundamental biological research to developing innovative vaccines, new medicines, and cell and gene therapies.
At Cytiva you will be able to continuously improve yourself and us - working on challenges that truly matter with people that care for each other, our customers, and their patients. Take your next step to an altogether life-changing career.
Learn about the Danaher Business System, ( which makes everything possible.
The Product Cybersecurity Engineer - Penetration Testing is responsible for conducting in-depth security testing across various platforms-including web applications, APIs, networks, cloud environments, thick clients, and ICS/SCADA systems-to identify vulnerabilities before malicious actors can exploit them. Analyze findings using CVSS scoring, assess associated risks, and provide clear, actionable recommendations to strengthen the overall security posture of products and systems.
This position reports to the Senior Manager - Product Security and is part of the Product Security department , located in Bengaluru, and will be an on-site role.
What you will do:
1. Comprehensive Penetration Testing
+ Execute penetration tests across web apps, APIs, thick clients, networks, cloud, and ICS/SCADA systems using industry-standard tools.
2. Tool & Technique Development
+ Build and enhance internal tools and methodologies for testing and vulnerability assessments; stay current with emerging threats and exploits.
3. Vulnerability Analysis & Reporting
+ Analyze findings using CVSS, assess risks, recommend mitigations, and communicate results clearly to technical and non-technical audiences.
4. Compliance & Configuration Reviews
+ Perform reviews against CIS Benchmarks and ensure alignment with corporate security policies and standards.
5. Security Evaluation & Collaboration
+ Contribute to overall product security posture and collaborate effectively across teams to drive secure product development.
+ Who you are:
+ Bachelor's degree in computer science, Computer Engineering, or other related discipline; equivalent experience may be acceptable
+ 2+ years of penetration testing experience (Cloud, ICS/OT/Integration, Thick Client, and/or Web Applications preferred)
+ Certified Ethical Hacker (CEH) Certificate / Offensive Security Certified Professional (OSCP) Certificate (preferred but not required)
+ Knowledge of secure coding techniques and how to break them
Cytiva, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it's a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info ( .
Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.
For more information, visit .

Bring more to life.
Are you ready to accelerate your potential and make a real difference within life sciences, diagnostics, and biotechnology?
At Cytiva, one of Danaher's ( 15+ operating companies, our work saves lives-and we're all united by a shared commitment to innovate for tangible impact.
You'll thrive in a culture of belonging where you and your unique viewpoint matter. And by harnessing Danaher's system of continuous improvement, you help turn ideas into impact - innovating at the speed of life.
Working at Cytiva means being at the forefront of providing new solutions to transform human health. Our incredible customers undertake life-saving activities ranging from fundamental biological research to developing innovative vaccines, new medicines, and cell and gene therapies.
At Cytiva you will be able to continuously improve yourself and us - working on challenges that truly matter with people that care for each other, our customers, and their patients. Take your next step to an altogether life-changing career.
Learn about the Danaher Business System, ( which makes everything possible.
The Product Cybersecurity Engineer - Penetration Testing is responsible for conducting in-depth security testing across various platforms-including web applications, APIs, networks, cloud environments, thick clients, and ICS/SCADA systems-to identify vulnerabilities before malicious actors can exploit them. Analyze findings using CVSS scoring, assess associated risks, and provide clear, actionable recommendations to strengthen the overall security posture of products and systems.
This position reports to the Senior Manager - Product Security and is part of the Product Security department , located in Bengaluru, and will be an on-site role.
What you will do:
1. Comprehensive Penetration Testing
+ Execute penetration tests across web apps, APIs, thick clients, networks, cloud, and ICS/SCADA systems using industry-standard tools.
2. Tool & Technique Development
+ Build and enhance internal tools and methodologies for testing and vulnerability assessments; stay current with emerging threats and exploits.
3. Vulnerability Analysis & Reporting
+ Analyze findings using CVSS, assess risks, recommend mitigations, and communicate results clearly to technical and non-technical audiences.
4. Compliance & Configuration Reviews
+ Perform reviews against CIS Benchmarks and ensure alignment with corporate security policies and standards.
5. Security Evaluation & Collaboration
+ Contribute to overall product security posture and collaborate effectively across teams to drive secure product development.
+ Who you are:
+ Bachelor's degree in computer science, Computer Engineering, or other related discipline; equivalent experience may be acceptable
+ 2+ years of penetration testing experience (Cloud, ICS/OT/Integration, Thick Client, and/or Web Applications preferred)
+ Certified Ethical Hacker (CEH) Certificate / Offensive Security Certified Professional (OSCP) Certificate (preferred but not required)
+ Knowledge of secure coding techniques and how to break them
Cytiva, a Danaher operating company, offers a broad array of comprehensive, competitive benefit programs that add value to our lives. Whether it's a health care program or paid time off, our programs contribute to life beyond the job. Check out our benefits at Danaher Benefits Info ( .
Join our winning team today. Together, we'll accelerate the real-life impact of tomorrow's science and technology. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of science to life.
For more information, visit .

**Job Description:**
**Network Penetration Testing + Kali Linux + Ethical Hacking + Exploitation + Metasploit.**
Key Responsibilities:
+ Perform structured penetration testing on computer systems, networks, and applications to identify potential vulnerabilities.
+ Evaluate the security of both software and hardware components to ensure compliance with best practices and regulatory standards.
+ Design and execute controlled cyberattack simulations and red team engagements to assess system defenses and identify exploitable weaknesses.
+ Develop and deploy custom tools and exploits to simulate real-world threat scenarios.
+ Identify, document, and remediate security vulnerabilities by analyzing system architecture and configurations.
+ Deliver detailed reports with actionable recommendations to improve the overall security of digital infrastructure.
+ Implement security enhancements and collaborate with IT teams to integrate effective defensive solutions.
Required Skills and Tools Proficiency:
+ Expertise in penetration testing and red teaming tools, including but not limited to:
+ Operating systems & frameworks: Kali Linux, Parrot OS
+ Exploitation tools: Metasploit, Cobalt Strike, Nighthawk
+ Reconnaissance & scanning: Nmap, Sublist3r, Recon-NG
+ Vulnerability assessment: Qualys, Nessus
+ Web & network analysis: Burp Suite, Wireshark, Yersinia, Ettercap/Bettercap
+ Password cracking & credential tools: Hashcat, Mimikatz, CrackMapExec, Rubeus
+ Active Directory & privilege escalation: BloodHound, Impacket
+ Exploit research: ExploitDB
Preferred Qualifications:
+ Industry-recognized certifications such as OSCP (Offensive Security Certified Professional) or OSEP (Offensive Security Experienced Penetration Tester) are a strong plus.
+ Excellent analytical, problem-solving, and communication skills.
Ability to work independently and as part of a team in high-pressure environments
**Network Penetration Testing + Kali Linux + Ethical Hacking + Exploitation + Metasploit.**
Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

**_Welcome to Warner Bros. Discovery. the stuff dreams are made of._**
**Who We Are.**
When we say, "the stuff dreams are made of," we're not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD's vast portfolio of iconic content and beloved brands, are the _storytellers_ bringing our characters to life, the _creators_ bringing them to your living rooms and the _dreamers_ creating what's next.
From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.
**Job Responsibilities**
+ Execute penetration testing engagements against a variety of web applications/ services and software .
+ Develop and execute attack strategies to simulate real-world attacks by threat actors.
+ Ability to identifying and exploiting vulnerabilities in computer systems, networks, and applications to simulate attacks by threat actors.
+ Analyze and report on the results of security assessments and make recommendations to improve the security posture of the organization.
+ Advise management about noncompliance with defined standards in applications tested.
+ Partner with developers to drive improvement in application security as a result of security assessment engagements .
+ Provide clear communication on the issue to developers and verify the efficacy of the ' fix ' .
+ Provide actionable remediation feedback for findings and/or long-term risk mitigation guidance .
+ Provide guidance and recommendations to other teams to improve the security of products.
+ Demonstrate deep understanding of computer networks, operating systems, databases, web applications, and mobile applications.
+ Experience with Secure software development lifecycle, distributed systems and security protocols.
+ Create custom tools and scripts to automate testing and make the process more efficient.
+ Support and maintain tools used for penetration testing and security assessments .
+ Develop other security engineers .
+ Must be based in the WBD's office, minimum three days/week .
**Qualifications & Experiences:**
+ A Bachelor's degree in Computer Science , Cybersecurity, or other related fields, from an accredited university or an equivalent professional experience may suffice in lieu of a Bachelor's degree.
+ Minimum of 5 years of experience in penetration testing, code review, bug bounty hunting, or red teaming/capture the flag experience.
+ Experience in scripting in Python or other languages to build automation tools
+ Minimum of 5 years of professional experience with security engineering practices such as in web application security, network security, authN / authZ protocols, cryptography, automation, and other software security.
+ Team player with strong communication skills
**If you:**
+ are excited to work in an international, fast-paced, multi-faceted media company.
+ are comfortable ensuring timely escalation, responsiveness and follow through to meet deadlines.
+ are knowledgeable of, and understand, the risk-based business impact approach to cybersecurity.
+ are actively questioning and influencing actions needed to attain goals and targets.
+ are comfortable driving initiatives forward without having direct control of staff.
Then help us create the future with one of the world's largest media & entertainment companies.
**How We Get Things Done.**
This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.
**Championing Inclusion at WBD**
Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, regardless of sex, gender identity, ethnicity, age, sexual orientation, religion or belief, marital status, pregnancy, parenthood, disability or any other category protected by law.
If you're a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page ( for instructions to submit your request.

Senior Penetration Testing Specialist / Consultant Specialist
Brand: HSBC
Area of Interest: Technology
Location:
Bangalore, KA, IN,
Work style: Hybrid Worker
Date: 21 Oct 2025
Some careers shine brighter than others.
If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions.
We are currently seeking an experienced professional to join our team in the role of Senior Penetration Testing Specialist / Consultant Specialist.
In this role, you will:
+ Perform highly technical/analytical security assessments of custom mobile applications, widely understand infrastructure and networks, web services and APIs. This covers manual penetration testing.
+ Clearly and professionally document root cause and risk analysis of all findings
+ Adhere to the security testing process and raise any gaps or opportunities for improvement with manager.
+ Work closely with the DevOps teams to ensure that the security testing requirements are met and help automate repetitive tasks.
+ Develop understanding of business functionality and apply testing methodology as appropriate to technologies and risks
+ Demonstrate complex proof-of-concept exploits of vulnerabilities when required.
+ Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports.
+ Advise on vulnerability remediation, control implementation and secure development practices
Qualifications
+ To be successful in this role, you should meet the following requirements.
+ Ability to develop clear business impact and justification to drive investment in team capabilities
+ Demonstrable experience in vulnerability identification and exploitation.
+ Participation in the Cyber Security industry.
+ Demonstrated experience in network security.
+ Experience in analysis of mobile technologies.
+ Understanding of analysis of common operating system, such as Linux, Windows
+ Understanding in software development.
+ Experience in tooling, automation and prototyping.
+ Experience in source code review.
+ Demonstrated experience in penetration testing.
+ Coding in preferred scripting languages like Python, Perl, Javascript etc.
+ Understand the business context/significance of technical penetration testing findings.
+ Consistently output superior quality of deliverables.
+ Contributes to individual and team on-going development.
+ Ability to manage stakeholders
+ English - Fluent written and spoken
You'll achieve more when you join HSBC.
is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Issued by - HSBC Software Development India

Responsibilities

• Client Engagement & Leadership
• Act as a trusted security advisor for multiple high-value clients.
• Manage end-to-end security assessment projects, including scoping, execution, reporting, and remediation guidance.
• Conduct technical and executive-level briefings to communicate findings, risks, and strategic recommendations clearly.
• Translate complex technical vulnerabilities into business risk insights to help clients prioritize actions.
• Collaborate closely with client stakeholders to ensure security recommendations are practical and actionable.
• Advanced Threat Modelling & Risk Assessment
• Design and maintain threat models tailored to client applications, networks, and cloud environments.
• Perform risk assessments focusing on business impact and likelihood of exploitation.
• Develop attack scenarios based on the latest threat intelligence and real-world attacker techniques.
• Guide clients in integrating security into their software development lifecycle (SDLC) and cloud infrastructure designs.
• Penetration Testing & Red Team Operations
• Lead advanced black-box, grey-box, and white-box penetration testing engagements for web applications, APIs, networks, and cloud environments.
• Conduct sophisticated Red Team exercises to simulate targeted attack campaigns.
• Design and develop custom exploits and testing tools to replicate specific attacker techniques.
• Perform social engineering tests (phishing campaigns, physical security assessments) in controlled and ethical scenarios.
• Provide detailed post-exercise analysis, including actionable remediation strategies and long term improvement plans.
• Comprehensive Reporting & Documentation
• Produce clear and technically thorough vulnerability assessment and penetration testing reports.
• Create executive-level summaries focused on business impact and compliance risks.
• Maintain structured and up-to-date testing methodologies and playbooks.
• Contribute to internal knowledge base, documenting research, custom tools, and successful testing strategies.
• Technical & Programming Expertise
• Expert in vulnerability assessment and exploitation techniques across a wide range of technologies.
• Proficient in security testing tools such as Burp Suite, Nessus, Metasploit, Nmap, OpenVAS, Cobalt Strike, Wireshark, and tcpdump.
• Strong scripting and automation skills (Python, Bash, PowerShell) to automate repetitive testing tasks and tool workflows.
• Capable of custom tool development and advanced exploit research to target unique client environments.
• Strong knowledge of application security vulnerabilities (OWASP Top 10, SANS Top 25) and attack surface analysis.
• In-depth understanding of cloud security risks, identity and access management, and container security (Docker, Kubernetes).
• Social Engineering & OSINT Expertise
• Design and execute social engineering and phishing simulations tailored to client environments.
• Perform physical security assessments through tactics like tailgating and badge cloning.
• Apply Open Source Intelligence (OSINT) techniques to gather reconnaissance data for assessments.
• Provide training and awareness recommendations based on assessment outcomes.
• Professional Attributes & Mindset
• Strong analytical, problem-solving, and creative thinking skills.
• Ethical hacker mindset with a continuous drive to research emerging threats, attack techniques, and defense bypass methods.
• Methodical and detail-oriented approach to testing with the ability to think like an attacker.
• Strong communication and presentation skills, able to engage both technical teams and business leadership.
• Proactively innovate by developing new tools, scripts, or methodologies to improve testing efficiency and depth.

Qualifications

• 7+ years of hands-on experience in Vulnerability Assessment, Penetration Testing, and security consulting.
• Strong technical expertise in application security, network security, cloud security (AWS, Azure, GCP), and infrastructure security testing.
• Proven experience using VAPT tools such as Burp Suite, Nessus, Qualys, Nmap, Metasploit, Nikto, OpenVAS, etc.
• Solid knowledge of exploitation techniques, post-exploitation frameworks, and manual testing methodologies.
• In-depth knowledge of web application vulnerabilities (OWASP Top 10) and network protocol analysis.
• Experience conducting cloud security assessments, including misconfigurations, IAM permissions analysis, and container security.
• Proficiency in scripting and automation (Python, Bash, PowerShell) to customize tests and tools.
• Familiarity with security frameworks and standards such as NIST, ISO 27001, MITRE ATT&CK.
• Strong reporting and documentation skills, able to translate technical findings into business friendly recommendations.
• Excellent communication and stakeholder management skills, able to lead client-facing engagements.
• Relevant certifications are a strong plus (e.g., OSCP, CREST, CISSP, CEH, GIAC GPEN).

Preferred Qualifications:

• Certifications such as OSCP, GPEN, CREST CRT, CRTO are highly desirable.
• Experience in DevSecOps, CI/CD pipeline security, or automated security testing frameworks.
• Familiarity with industry compliance frameworks like PCI-DSS, GDPR, HIPAA, SOC2, and ISO 27001.
• Prior consulting experience in a service delivery or customer-facing environment.
• Experience with threat intelligence platforms and indicators of compromise (IoCs).

**Who We Are**
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.
**The Role**
Join Kyndryl as a Penetration Testing Associate and embark on an exhilarating journey where you'll wield your strategic vision and hands-on expertise to revolutionize our approach to cybersecurity. As an integral part of our team, you'll take charge of the entire lifecycle of customer engagements, transforming the way we safeguard businesses in the digital realm.
At Kyndryl, we believe that staying ahead of the game is essential. As a Penetration Testing Associate, you'll embark on an ongoing journey of discovery, continually learning and exploring new methodologies, staying abreast of the latest security threats, attack techniques, and tools. We encourage and support your relentless pursuit of knowledge, because it is through your unyielding dedication that we can deliver unrivaled protection to our customers.
Join us now and let your passion for cybersecurity shine. Together, we will set new standards, revolutionize the industry, and ensure the highest level of security for our customers. Are you ready to make your mark as a Penetration Testing Associate at Kyndryl?
Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.
**Who You Are**
**Role Overview**
We are seeking a highly experienced Subject Matter Expert (SME) for application security testing with at Minimum 8+ years of experience to lead technical governance across cloud-based application security testing initiatives. This role will oversee quality assurance, technical escalation, and alignment with enterprise security standards, ensuring robust and compliant penetration testing practices for web, mobile applications, and APIs hosted on cloud platforms.
**Key Responsibilities**
**Quality Assurance & Oversight**
+ Own the quality assurance process for all deliverables from testing team on ground.
+ Review and validate assessment test plans and final reports for completeness and accuracy.
+ Ensure high and critical findings are correctly identified and documented.
+ Evaluate test case coverage to ensure comprehensive security assessments across web, mobile apps, and APIs.
**Technical Leadership**
+ Act as the escalation point for complex technical issues and disputes.
+ Provide expert guidance on cloud-native application security testing and penetration testing methodologies.
+ Validate accuracy and testing coverage, specially for high and critical findings
+ Support on ground testing resources through targeted training and mentorship.
**Cloud Architecture Awareness**
+ Demonstrate deep understanding of how cloud services (IaaS, PaaS, SaaS) function behind applications.
+ Ensure testing strategies account for cloud-native components such as serverless functions, containers, API gateways, identity services, and storage configurations.
**Governance & Compliance**
+ Ensure all testing activities comply with industry standards such as OWASP, NIST, CSA, CIS Benchmarks, etc.
+ Maintain alignment with enterprise security policies and DevSecOps practices.
+ Liaise with enterprise security, DevSecOps, and cloud platform teams to ensure strategic alignment and timely resolution of issues.
**Stakeholder Engagement**
+ Serve as the central point of contact for customer escalations, including technical disputes, delays, and high-priority issues.
+ Collaborate with internal and external stakeholders to ensure governance objectives are met.
**Preferred Certifications**
+ OSCP - Offensive Security Certified Professional
+ CEH - Certified Ethical Hacker
+ CCSP - Certified Cloud Security Professional
+ GIAC GPEN / GWAPT / GCPN - GIAC Penetration Testing, Web App Pen Testing, Cloud Pen Testing
+ AWS Certified Security - Specialty, Azure Security Engineer Associate, or equivalent cloud platform certifications
+ At least one cloud certification is must
**Qualifications**
+ Bachelor's degree in Computer Science, Information Technology, or related field.
+ 8+ years of experience in cloud security, application security testing, and penetration testing.
+ Proven experience in testing web, mobile applications, and APIs hosted on cloud platforms.
+ Strong understanding of cloud architecture and services (AWS, Azure, GCP).
+ Familiarity with security frameworks (OWASP, NIST, CSA, CIS).
+ Experience in technical governance and quality assurance.
+ Excellent communication and stakeholder management skills.
+ Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Postman, Nessus, Metasploit).
+ Good communication skills and stakeholder management experience
+ Ability to work independently and manage multiple tasks simultaneously.
+ Strong analytical and problem-solving skills.
+ Excellent communication and teamwork abilities.
**Being You**
Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.
**What You Can Expect**
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.
**Get Referred!**
If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.
Kyndryl is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Kyndryl is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

**Who We Are**
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.
**The Role**
Join Kyndryl as a Penetration Testing Associate and embark on an exhilarating journey where you'll wield your strategic vision and hands-on expertise to revolutionize our approach to cybersecurity. As an integral part of our team, you'll take charge of the entire lifecycle of customer engagements, transforming the way we safeguard businesses in the digital realm.
At Kyndryl, we believe that staying ahead of the game is essential. As a Penetration Testing Associate, you'll embark on an ongoing journey of discovery, continually learning and exploring new methodologies, staying abreast of the latest security threats, attack techniques, and tools. We encourage and support your relentless pursuit of knowledge, because it is through your unyielding dedication that we can deliver unrivaled protection to our customers.
Join us now and let your passion for cybersecurity shine. Together, we will set new standards, revolutionize the industry, and ensure the highest level of security for our customers. Are you ready to make your mark as a Penetration Testing Associate at Kyndryl?
Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.
**Who You Are**
**Role Overview**
We are seeking a highly experienced Subject Matter Expert (SME) for application security testing with at Minimum 8+ years of experience to lead technical governance across cloud-based application security testing initiatives. This role will oversee quality assurance, technical escalation, and alignment with enterprise security standards, ensuring robust and compliant penetration testing practices for web, mobile applications, and APIs hosted on cloud platforms.
**Key Responsibilities**
**Quality Assurance & Oversight**
+ Own the quality assurance process for all deliverables from testing team on ground.
+ Review and validate assessment test plans and final reports for completeness and accuracy.
+ Ensure high and critical findings are correctly identified and documented.
+ Evaluate test case coverage to ensure comprehensive security assessments across web, mobile apps, and APIs.
**Technical Leadership**
+ Act as the escalation point for complex technical issues and disputes.
+ Provide expert guidance on cloud-native application security testing and penetration testing methodologies.
+ Validate accuracy and testing coverage, specially for high and critical findings
+ Support on ground testing resources through targeted training and mentorship.
**Cloud Architecture Awareness**
+ Demonstrate deep understanding of how cloud services (IaaS, PaaS, SaaS) function behind applications.
+ Ensure testing strategies account for cloud-native components such as serverless functions, containers, API gateways, identity services, and storage configurations.
**Governance & Compliance**
+ Ensure all testing activities comply with industry standards such as OWASP, NIST, CSA, CIS Benchmarks, etc.
+ Maintain alignment with enterprise security policies and DevSecOps practices.
+ Liaise with enterprise security, DevSecOps, and cloud platform teams to ensure strategic alignment and timely resolution of issues.
**Stakeholder Engagement**
+ Serve as the central point of contact for customer escalations, including technical disputes, delays, and high-priority issues.
+ Collaborate with internal and external stakeholders to ensure governance objectives are met.
**Preferred Certifications**
+ OSCP - Offensive Security Certified Professional
+ CEH - Certified Ethical Hacker
+ CCSP - Certified Cloud Security Professional
+ GIAC GPEN / GWAPT / GCPN - GIAC Penetration Testing, Web App Pen Testing, Cloud Pen Testing
+ AWS Certified Security - Specialty, Azure Security Engineer Associate, or equivalent cloud platform certifications
+ At least one cloud certification is must
**Qualifications**
+ Bachelor's degree in Computer Science, Information Technology, or related field.
+ 8+ years of experience in cloud security, application security testing, and penetration testing.
+ Proven experience in testing web, mobile applications, and APIs hosted on cloud platforms.
+ Strong understanding of cloud architecture and services (AWS, Azure, GCP).
+ Familiarity with security frameworks (OWASP, NIST, CSA, CIS).
+ Experience in technical governance and quality assurance.
+ Excellent communication and stakeholder management skills.
+ Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Postman, Nessus, Metasploit).
+ Good communication skills and stakeholder management experience
+ Ability to work independently and manage multiple tasks simultaneously.
+ Strong analytical and problem-solving skills.
+ Excellent communication and teamwork abilities.
**Being You**
Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.
**What You Can Expect**
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.
**Get Referred!**
If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.
Kyndryl is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Kyndryl is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

**Who We Are**
At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.
**The Role**
Join Kyndryl as a Penetration Testing Associate and embark on an exhilarating journey where you'll wield your strategic vision and hands-on expertise to revolutionize our approach to cybersecurity. As an integral part of our team, you'll take charge of the entire lifecycle of customer engagements, transforming the way we safeguard businesses in the digital realm.
At Kyndryl, we believe that staying ahead of the game is essential. As a Penetration Testing Associate, you'll embark on an ongoing journey of discovery, continually learning and exploring new methodologies, staying abreast of the latest security threats, attack techniques, and tools. We encourage and support your relentless pursuit of knowledge, because it is through your unyielding dedication that we can deliver unrivaled protection to our customers.
Join us now and let your passion for cybersecurity shine. Together, we will set new standards, revolutionize the industry, and ensure the highest level of security for our customers. Are you ready to make your mark as a Penetration Testing Associate at Kyndryl?
Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.
**Who You Are**
**Role Overview**
We are seeking a highly experienced Subject Matter Expert (SME) for application security testing with at Minimum 8+ years of experience to lead technical governance across cloud-based application security testing initiatives. This role will oversee quality assurance, technical escalation, and alignment with enterprise security standards, ensuring robust and compliant penetration testing practices for web, mobile applications, and APIs hosted on cloud platforms.
**Key Responsibilities**
**Quality Assurance & Oversight**
+ Own the quality assurance process for all deliverables from testing team on ground.
+ Review and validate assessment test plans and final reports for completeness and accuracy.
+ Ensure high and critical findings are correctly identified and documented.
+ Evaluate test case coverage to ensure comprehensive security assessments across web, mobile apps, and APIs.
**Technical Leadership**
+ Act as the escalation point for complex technical issues and disputes.
+ Provide expert guidance on cloud-native application security testing and penetration testing methodologies.
+ Validate accuracy and testing coverage, specially for high and critical findings
+ Support on ground testing resources through targeted training and mentorship.
**Cloud Architecture Awareness**
+ Demonstrate deep understanding of how cloud services (IaaS, PaaS, SaaS) function behind applications.
+ Ensure testing strategies account for cloud-native components such as serverless functions, containers, API gateways, identity services, and storage configurations.
**Governance & Compliance**
+ Ensure all testing activities comply with industry standards such as OWASP, NIST, CSA, CIS Benchmarks, etc.
+ Maintain alignment with enterprise security policies and DevSecOps practices.
+ Liaise with enterprise security, DevSecOps, and cloud platform teams to ensure strategic alignment and timely resolution of issues.
**Stakeholder Engagement**
+ Serve as the central point of contact for customer escalations, including technical disputes, delays, and high-priority issues.
+ Collaborate with internal and external stakeholders to ensure governance objectives are met.
**Preferred Certifications**
+ OSCP - Offensive Security Certified Professional
+ CEH - Certified Ethical Hacker
+ CCSP - Certified Cloud Security Professional
+ GIAC GPEN / GWAPT / GCPN - GIAC Penetration Testing, Web App Pen Testing, Cloud Pen Testing
+ AWS Certified Security - Specialty, Azure Security Engineer Associate, or equivalent cloud platform certifications
+ At least one cloud certification is must
**Qualifications**
+ Bachelor's degree in Computer Science, Information Technology, or related field.
+ 8+ years of experience in cloud security, application security testing, and penetration testing.
+ Proven experience in testing web, mobile applications, and APIs hosted on cloud platforms.
+ Strong understanding of cloud architecture and services (AWS, Azure, GCP).
+ Familiarity with security frameworks (OWASP, NIST, CSA, CIS).
+ Experience in technical governance and quality assurance.
+ Excellent communication and stakeholder management skills.
+ Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Postman, Nessus, Metasploit).
+ Good communication skills and stakeholder management experience
+ Ability to work independently and manage multiple tasks simultaneously.
+ Strong analytical and problem-solving skills.
+ Excellent communication and teamwork abilities.
**Being You**
Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.
**What You Can Expect**
With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.
**Get Referred!**
If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.
Kyndryl is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. Kyndryl is also committed to compliance with all fair employment practices regarding citizenship and immigration status.