Cybersecurity Assessment LeadNopalCyber • Hyderabad, Republic Of India, IN

Cybersecurity Assessment Lead

NopalCyber • Hyderabad, Republic Of India, IN

30+ days ago

Job description

About NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and defence.

Our AI-driven Nopal360° platform, NopalGo mobile app, and proprietary Cyber Intelligence Quotient (CIQ) enable organizations to quantify, track, and visualize their cybersecurity posture in real time. We democratize enterprise-grade security operations for organizations of all sizes by lowering the barrier to entry while raising the bar for security and service.

Location : Nopal Cyber, Hyderabad (Work from Office, 5 Days a Week)

Employment Type : Full-time

Key Responsibilities

Perform advanced Vulnerability Assessment and Penetration Testing (VAPT) across external infrastructure, internal networks, web and mobile applications, APIs, and cloud environments (AWS, Azure, GCP).
Conduct CIS Benchmark-based hardening assessments and implementations across operating systems (Windows, Linux), databases, middleware, network devices, and cloud platforms.
Deliver customized hardening guides and security baselines mapped to client-specific compliance requirements and regulatory frameworks.
Execute Dynamic Application Security Testing (DAST) on web and API applications (both authenticated and unauthenticated) using enterprise-grade tools;

analyze, validate, and prioritize findings with actionable remediation guidance.

Run Breach and Attack Simulation (BAS) scenarios to test resilience against real-world adversary tactics, techniques, and procedures (TTPs).

Prepare comprehensive technical reports and executive-level summaries highlighting vulnerabilities, attack paths, misconfigurations, and compliance gaps.

Continuously research emerging attack vectors, zero-day vulnerabilities, DAST methodologies, and new CIS benchmark updates to refine assessment strategies.

Contribute to Ransomware Resiliency Assessments (RRA) by simulating ransomware behaviors and evaluating control effectiveness.

Required Skills & Experience

8–12 years of direct, hands-on cybersecurity consulting experience, with deep expertise in VAPT, CIS benchmarking, and application security testing (DAST).

Proven track record performing end-to-end penetration tests and dynamic application security scans using industry tools such as Burp Suite Pro, OWASP ZAP, Nessus, Qualys, Netsparker, Acunetix, and custom scripts.

Strong understanding of web application security flaws (OWASP Top 10, API security issues, authentication / authorization flaws, injection attacks, deserialization, SSRF, RCE, etc.) and ability to exploit and document them.

Solid understanding of network protocols, operating system behaviors, and common application security principles relevant to modern IT environments.

Hands-on experience with CIS Benchmark implementation and verification across diverse platforms, ensuring alignment with client compliance mandates.

Familiarity with BAS tools and adversary emulation frameworks to measure detection and response maturity.

Proficiency in scripting / automation (Python, PowerShell, Bash) to extend testing capabilities or validate findings.

Working knowledge of security architecture frameworks (e.G., SABSA) and threat modeling methodologies (e.G., STRIDE, kill chains, attack trees) to support risk-informed vulnerability assessments, hardening efforts, and remediation planning.

Ability to write and present detailed remediation reports, security recommendations, and compliance-aligned hardening outputs.

Strong communication skills to convey technical findings to technical and executive stakeholders.

Educational Qualifications

Bachelor’s degree in engineering, Computer Science, or related discipline.

CEH Certification (Mandatory) plus one or more advanced certifications :

OSCP (Offensive Security Certified Professional)

eCPPT (eLearn Security Certified Professional Penetration Tester)

CompTIA Pentest+

CRTP / CRTE (Certified Red Team Professional / Expert)

CIS-CAT Pro Assessor or equivalent CIS Benchmark credentials

Familiarity with MITRE ATT&CK and adversary simulation frameworks.

Personal attributes

Self-starter and quick learner requiring minimal ramp-up

Excellent written, oral, and interpersonal communication skills

Highly self-motivated, self-directed, and attentive to detail

Ability to effectively prioritize and execute tasks in a high-pressure environment

Create a job alert for this search

Cybersecurity • Hyderabad, Republic Of India, IN

Related jobs

Cybersecurity Risk Assessment Lead

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITED • Hyderabad, Republic Of India, IN

BS, Master or equivalent degree in Computer Engineering, Software Engineering, Cybersecurity or other related fields.Minimum of 5 years of professional experience within Information Technology, Sof...Show more

Last updated: 22 days ago • Promoted

Lead Cybersecurity

Confidential • Hyderabad / Secunderabad, Telangana, India

Deep knowledge of network application and mobility security, security systems design, policy development, compliance, and incident response. Bachelor's degree in computer science, Information System...Show more

Last updated: 15 days ago • Promoted

Senior Associate - Lead Security Operations Engineer

Deutsche Börse Group • Hyderabad, India

In your new position, you will become a member of the Cyber Defense team, part of Group Security.Cyber Defense team is responsible for all aspects of Security Information and Event Management (SIEM...Show more

Last updated: 3 days ago • Promoted

Threat Analysis And Risk Assessment (Tara) Specialist Of R&D Product Cybersecurity

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITED • Hyderabad, Republic Of India, IN

Last updated: 22 days ago • Promoted

Cyber Defense & Resilience - SIEM Platform Lead

Deloitte • Hyderabad, Telangana, India

Deloitte helps organizations prevent cyberattacks and protect valuable assets.We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but a...Show more

Last updated: 7 days ago • Promoted

Lead Cybersecurity Engineer

Deutsche Börse Group • Hyderabad, Republic Of India, IN

Headquartered in Frankfurt, Germany, Deutsche Börse Group is a leading international exchange organization and market infrastructure provider. They empower investors, financial institutions, and com...Show more

Last updated: 15 days ago • Promoted

Cyber Defense & Resilience - Siem Platform Lead

Deloitte • Hyderabad, Republic Of India, IN

Last updated: 8 days ago • Promoted

Cybersecurity Lead(6 months contract)

Sekuro Asia • Hyderabad, IN

Our client oversees and operates digital asset-related businesses.Our client aims to transform the financial industry by building a tech-enabled institutional grade ecosystem for issuance, distribu...Show more

Last updated: 1 day ago • Promoted

Cybersecurity Operations Lead

Deloitte • Hyderabad, Republic Of India, IN

Last updated: 7 days ago • Promoted

Cybersecurity Strategy and Implementation Lead

Tata Consultancy Services • Hyderabad, Republic Of India, IN

Need an SME with over 6+ years of experience in GRC and specialization in SEBI’s CSCRF.The candidate should be able to guide and drive the organization’s CSCRF implementation.Expert on Cyber Securi...Show more

Last updated: 22 days ago • Promoted

Senior Cybersecurity Engineer - Secrets Management

FACTSET • Hyderabad, India

FactSet creates flexible, open data and software solutions for over 200,000 investment professionals worldwide, providing instant access to financial data and analytics that investors use to make c...Show more

Last updated: 30+ days ago • Promoted

Senior Manager IS Cyber Culture & Awareness

Mashreq • Hyderabad, IN

The Cyber Security Awareness Specialist plays a critical role in maturing Mashreq Bank’s cyber security awareness program. The specialist is responsible for fostering a culture where Cybersecurity i...Show more

Last updated: 22 days ago • Promoted

Threat Analysis and Risk Assessment (TARA) Specialist of R&D Product Cybersecurity

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITED • Hyderabad, Telangana, India

Last updated: 22 days ago • Promoted

Vulnerability Management & Remediation Lead

ValueLabs • Hyderabad, Republic Of India, IN

We are seeking a skilled and detail-oriented.Cybersecurity Risk & Vulnerability Engineer.The ideal candidate will have hands-on experience with industry-standard tools and frameworks, and a strong ...Show more

Last updated: 12 days ago • Promoted

Lead-Red team

NopalCyber • Hyderabad, India

Last updated: 30+ days ago • Promoted

Tech Lead

CherryTechSolutions • Hyderabad, India

We are looking for an experienced, skilled, enthusiastic, and energetic Tech Lead to provide expert technical leadership in all aspects of our business. The Tech Lead will be responsible for all asp...Show more

Last updated: 30+ days ago • Promoted

Cybersecurity Assessment Manager

NopalCyber • Hyderabad, Republic Of India, IN

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface ma...Show more

Last updated: 13 days ago • Promoted

Cybersecurity Architect (BISO) - Hybrid

FACTSET • Hyderabad, India

Last updated: 30+ days ago • Promoted