Senior Security Analyst - Pune - Spectral Consultants – Search & Recruitment firm

    Spectral Consultants – Search & Recruitment firm
    Spectral Consultants – Search & Recruitment firm Pune

    51 minutes ago

    Default job background
    Description

    ESSENTIAL JOB FUNCTIONS :

    - Typical daily work will consist of performing advanced penetration tests on cloud-based and on-premises infra to identify security weaknesses and loopholes.

    - Perform Red teaming / Adversary emulations to simulate sophisticated cyberattacks and assess the effectiveness of existing security controls.

    - Conduct Purple team exercises in collaboration with Sec-Ops to assess the effectiveness of defensive measures and incident response capabilities through realistic attack simulation.

    - Develop and test custom exploits to demonstrate vulnerabilities and assess the potential impact on systems.

    - Execute social engineering attacks, such as phishing or vishing, to evaluate the organization's susceptibility to human-centric threats.

    - Perform Breach and Attack Simulations using BAS platform across the organization infrastructure.

    - Conduct comprehensive cloud penetration tests targeting AWS, Azure, GCP to identify and exploit misconfigurations, insecure interfaces, and vulnerabilities in cloud services and applications.

    - Assess and exploit weak IAM configurations, privilege escalation paths, and over-permissioned roles to identify security risks within cloud environments.

    - Collaborate with incident response team to provide insights and support during and after security incidents.

    - Regularly review and enhance penetration testing methodologies and practices to adapt to evolving threats and technologies.

    - Create detailed reports outlining findings from penetration tests, red team exercises, and vulnerability assessments that include clear, actionable recommendations for remediation and risk mitigation.

    MUST HAVE KNOWLEDGE, SKILLS & ABILITIES :


    - Proficiency in conducting penetration tests on internal networks, web applications, and systems to identify vulnerabilities and potential attack vectors.

    - Ability to simulate sophisticated adversary tactics, techniques, and procedures (TTPs) to mimic real-world cyber-attacks, including social engineering, spear-phishing, and advanced malware deployment.

    - Expertise in techniques for lateral movement within a compromised network, including pass-the-hash, RDP hijacking, and privilege escalation.

    - Ability to establish persistence using tools like Cobalt Strike, Empire, or custom scripts.

    - Skills in developing and deploying custom malware or payloads to evade traditional security controls like antivirus and endpoint detection and response (EDR) tools.

    - Experience with offensive security tools such as Metasploit, Burp Suite, Nmap, Cobalt Strike, Wireshark, and Kali Linux for conducting vulnerability assessments and penetration testing.

    - Ability to design and execute social engineering and phishing attacks to assess organizational awareness and vulnerability to human factor exploits.

    - Familiarity with common reconnaissance, exploitation, and post exploitation techniques.

    - Proficiency in testing web applications for vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF), and other application-level attacks.

    - Strong Collaboration, Communication and Interpersonal skills with the ability to collaborate effectively with cross-functional teams, communicate complex technical concepts to non-technical stakeholders, and build consensus around security initiatives.

    - Solid understanding of emerging threats, vulnerabilities, and exploits and an ability to think outside the box and emulate adversarial approaches.

    - In-depth knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools.

    - Expertise in discovering and exploiting common cloud misconfigurations, including insecure storage buckets, overly permissive IAM roles, and weak security group rules.

    - Ability to design cloud-specific threat models and conduct red teaming exercises that simulate advanced attacks on cloud environments to evaluate organizational defenses.

    GOOD TO HAVE KNOWLEDGE, SKILLS & ABILITIES :

    - Excellent independent (self-motivational, organizational, personal project management) skills

    - High Expertise in performing offensive security assessments and penetration testing in cloud environments, identifying vulnerabilities, misconfigurations, and exploitation vectors unique to cloud infrastructures.

    - Good to have knowledge of DevSecOps practices and experience in assessing and securing Infrastructure as Code (IaC) tools and templates (e.g., Terraform, CloudFormation) to prevent vulnerabilities in cloud deployments.

    - Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System used for scoring vulnerabilities.

    - Experience on Breach and Attack Simulation (BAS) Tools like Cymulate, Pentera, Safebreach etc is a plus.

    (ref:hirist.tech)

  • Birlasoft

    Security Analyst

    39 minutes ago


    Birlasoft Pune

    Job Title: Security Analyst · Location: Pune (Hybrid - 3days in a week at office, 2 days wfh, Candidate needs to report to only Pune office) (Relocation is considerable) · Shift Timings: 1-10PM IST · Interview: 2 rounds · Position: 1 · Overall – 7+ years · Relevant – 5+ years · C ...


  • Strobes Security, Inc. pune

    Position Purpose: · Lead the hands-on execution of red team operations, contributing to reporting and debriefing, and conducting Proof of Concept exploits around vulnerabilities from a technical perspective. The candidate needs to work collaboratively as we ensure processes, proc ...


  • Birlasoft Pune

    Role : Cyber Security Analyst · Key Responsibilities : · - Security Monitoring : Continuously monitor network traffic and system activities for potential threats and anomalies. · - Threat Analysis : Analyze security incidents to determine their root cause and develop strategie ...


  • Right Advisors Private Limited Pune

    PROFILE : OT CYBER SECURITY ENGINEER. · JOB LOCATION : PUNE. · SKILLS : PLC, SCADA, FIREWALL etc. · EXPERIENCE : 2 to 6 Years. · QUALIFICATION : B.Tech/ B. · Job Description : OT Cyber Security Engineer. · Overview : · We are seeking a highly skilled and motivated OT Cyber Securi ...


  • Deutsche Bank Pune, India

    Job Description · Position Overview · Job Title: Information Security Analyst · Location: Pune, India · Role Description · The Information Security Analyst is responsible for supporting the execution of the Information Security strategy. The Information Security Analyst provides ...


  • Peoplefy Pune

    Must have skills: · Hands on experience with cybersecurity practices across various functional areas and cybersecurity operations. · Proficiency in one or more of the following platforms with combinations: Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), antivir ...


  • LTIMindtree Pune

    Security Response Coordinator Role Overview · Experience- 3 to 5 years · Location - Hyderabad & Pune · willing to work in a 24X7 rotational shift model, including night shift. · Key-skills: Endpoint Security, SOC, Basics of Malware, Incident Management, EDR, and Antivirus. · As a ...


  • KONE Elevator India Pvt. Ltd Pune

    SAP SECURITY ANALYST : · Overview : · KONE Technology and Innovation (KTI) is where the magic happens at KONE. It's where we combine the physical world escalators and elevators with smart and connected digital systems. We are changing and improving the way billions of people mo ...


  • Evolent Pune, India

    Job Description · Your Future Evolves Here · Evolent Health has a bold mission to change the health of the nation by changing the way health care is delivered. Our pursuit of this mission is the driving force that brings us to work each day. We believe in embracing new ideas, cha ...


  • Antal International Network Pune, India

    Job Description · Job Description · Summarized Accountability: · We are seeking 5-6 years of experienced SAP [SAP Security and GRC analyst] to join our dynamic team. This role will involve working with various SAP modules to enhance, implement, and support business processes. The ...


  • PROFICIO Pune, India

    Job Description · Proficio is an award-winning managed detection and response (MDR) services provider. We provide 24/7 security monitoring, investigation, alerting and response services to organizations in healthcare, financial services, manufacturing, retail and other industries ...


  • Right Move Staffing Solutions Private Limited Pune

    We are seeking an Analyst Identity and Access Management professional for one of our esteemed clients in Pune with expertise in Cyberark, MFA/SSO, AD, Azure. · This Identity and Access Management analyst is responsible for assisting in the day-to-day operations of the Identity an ...


  • Crisil Limited Pune

    - Credit analyst for sovereign rating. · - Candidate required with economics background and good understanding of fundamental concepts, sovereign analysis, client management and communication. · Functional Responsibility/Domain Related: · - Support onshore analysts in carrying ou ...

  • Purview India Consulting And Services Llp

    Solution Analyst

    3 hours ago


    Purview India Consulting And Services Llp Pune

    Job Description · We are seeking a highly experienced Solution Analyst with 8+ years of experience in unsecured lending products such as credit cards and personal loans. · - Design and deliver architectural solutions for Lending products, ensuring alignment with business needs. · ...


  • NorthStar HR Consultants Pune

    Job Title - Cyber Threat Researcher (Dark Web Analyst) · Job Location - Pune · Position Overview: · Our client is seeking a skilled Cyber Threat Researcher (Dark Web Analyst) to identify, analyze, and mitigate emerging cyber threats targeting specific companies and our platform. ...


  • Luxoft India Pune

    Project description · Security is a global organization within Group Technology Infrastructure and Security Engineering. Our services focus on preventing and detecting cyber threats and securing our IT systems. We provide consolidated and reliable security services that implement ...

  • 3Columns

    SOC Analyst L2

    1 week ago


    3Columns Pune

    About 3Columns · 3Columns is a specialist cybersecurity firm that delivers a wide range of services, including security assurance, security governance, professional services, and managed services. · Solutions · Managed Security Services · Cybersecurity Consulting · The Role · We ...

  • Gruve

    Splunk Analyst

    1 week ago


    Gruve Pune

    Splunk Analyst – SOC Admin · At Gruve, we are seeking a highly skilled Splunk Analyst to join our Security Operations Center (SOC) team. The ideal candidate will have a strong background in IT and cybersecurity, with hands-on experience in Splunk administration. · Key Responsibil ...


  • NorthStar HR Consultants Pune

    Job Title - Senior Machine Learning Researcher · Job Location - Pune, Maharashtra · Role Overview As a Sr. Machine Learning Researcher specializing in security, you will apply your expertise in machine learning and cybersecurity to develop innovative solutions to detect, preven ...


  • TAC Security Pune

    Job description : · Key Responsibilities : · - Design, develop, and deploy AI/ML models for threat detection, anomaly detection, and incident response automation within the security domain. · - Analyze large volumes of security data to extract actionable insights and identify pa ...

Jobs
>
Pune