Cybersecurity Assessment Lead

NopalCyberHyderabad, Republic Of India, IN

30+ days ago

Job description

About NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and defence.

Our AI-driven Nopal360° platform, NopalGo mobile app, and proprietary Cyber Intelligence Quotient (CIQ) enable organizations to quantify, track, and visualize their cybersecurity posture in real time. We democratize enterprise-grade security operations for organizations of all sizes by lowering the barrier to entry while raising the bar for security and service.

Location : Nopal Cyber, Hyderabad (Work from Office, 5 Days a Week)

Employment Type : Full-time

Key Responsibilities

Perform advanced Vulnerability Assessment and Penetration Testing (VAPT) across external infrastructure, internal networks, web and mobile applications, APIs, and cloud environments (AWS, Azure, GCP).
Conduct CIS Benchmark-based hardening assessments and implementations across operating systems (Windows, Linux), databases, middleware, network devices, and cloud platforms.
Deliver customized hardening guides and security baselines mapped to client-specific compliance requirements and regulatory frameworks.
Execute Dynamic Application Security Testing (DAST) on web and API applications (both authenticated and unauthenticated) using enterprise-grade tools;

analyze, validate, and prioritize findings with actionable remediation guidance.

Run Breach and Attack Simulation (BAS) scenarios to test resilience against real-world adversary tactics, techniques, and procedures (TTPs).

Prepare comprehensive technical reports and executive-level summaries highlighting vulnerabilities, attack paths, misconfigurations, and compliance gaps.

Continuously research emerging attack vectors, zero-day vulnerabilities, DAST methodologies, and new CIS benchmark updates to refine assessment strategies.

Contribute to Ransomware Resiliency Assessments (RRA) by simulating ransomware behaviors and evaluating control effectiveness.

Required Skills & Experience

8–12 years of direct, hands-on cybersecurity consulting experience, with deep expertise in VAPT, CIS benchmarking, and application security testing (DAST).

Proven track record performing end-to-end penetration tests and dynamic application security scans using industry tools such as Burp Suite Pro, OWASP ZAP, Nessus, Qualys, Netsparker, Acunetix, and custom scripts.

Strong understanding of web application security flaws (OWASP Top 10, API security issues, authentication / authorization flaws, injection attacks, deserialization, SSRF, RCE, etc.) and ability to exploit and document them.

Solid understanding of network protocols, operating system behaviors, and common application security principles relevant to modern IT environments.

Hands-on experience with CIS Benchmark implementation and verification across diverse platforms, ensuring alignment with client compliance mandates.

Familiarity with BAS tools and adversary emulation frameworks to measure detection and response maturity.

Proficiency in scripting / automation (Python, PowerShell, Bash) to extend testing capabilities or validate findings.

Working knowledge of security architecture frameworks (e.G., SABSA) and threat modeling methodologies (e.G., STRIDE, kill chains, attack trees) to support risk-informed vulnerability assessments, hardening efforts, and remediation planning.

Ability to write and present detailed remediation reports, security recommendations, and compliance-aligned hardening outputs.

Strong communication skills to convey technical findings to technical and executive stakeholders.

Educational Qualifications

Bachelor’s degree in engineering, Computer Science, or related discipline.

CEH Certification (Mandatory) plus one or more advanced certifications :

OSCP (Offensive Security Certified Professional)

eCPPT (eLearn Security Certified Professional Penetration Tester)

CompTIA Pentest+

CRTP / CRTE (Certified Red Team Professional / Expert)

CIS-CAT Pro Assessor or equivalent CIS Benchmark credentials

Familiarity with MITRE ATT&CK and adversary simulation frameworks.

Personal attributes

Self-starter and quick learner requiring minimal ramp-up

Excellent written, oral, and interpersonal communication skills

Highly self-motivated, self-directed, and attentive to detail

Ability to effectively prioritize and execute tasks in a high-pressure environment

Create a job alert for this search

Cybersecurity • Hyderabad, Republic Of India, IN

Related jobs

Promoted

Cybersecurity Risk Assessment Lead

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

BS, Master or equivalent degree in Computer Engineering, Software Engineering, Cybersecurity or other related fields.Minimum of 5 years of professional experience within Information Technology, Sof...Show moreLast updated: 12 days ago

Promoted

Cybersecurity Integration Engineer

Tata Consultancy ServicesHyderabad, Republic Of India, IN

TCS is Hiring – Saviynt / IAM Integration.Are you skilled in Saviynt and passionate about Identity & Access Management (IAM) and Integration Technologies?. Here’s your chance to join Tata Consultanc...Show moreLast updated: 5 days ago

Promoted

Cybersecurity Specialist

Tata Consultancy ServicesHyderabad, Republic Of India, IN

Experience with the design, configuration, implementation and troubleshooting of Juniper Firewall, Cisco ASA / FTD, Palo alto VM series, firepower IDS / IPS, Zscaler proxy, Citrix Netscaler and WAF.Res...Show moreLast updated: 30+ days ago

Promoted

Director, Cyber Risk & Compliance

NopalCyberHyderabad, Republic Of India, IN

Promoted

Senior Cybersecurity Compliance Specialist

Tata Consultancy ServicesHyderabad, Republic Of India, IN

Need an SME with over 6+ years of experience in GRC and specialization in SEBI’s CSCRF.The candidate should be able to guide and drive the organization’s CSCRF implementation.Expert on Cyber Securi...Show moreLast updated: 12 days ago

Promoted

Threat Analysis And Risk Assessment (Tara) Specialist Of R&D Product Cybersecurity

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

Promoted

Cybersecurity Engineer

HashiraHyderabad, Republic Of India, IN

Hashira is an R&D studio focused on solving complex infrastructure challenges in blockchain and AI.Our work supports projects like Ren, KeeperDAO (Rook), Catalog, and Garden, which have collectivel...Show moreLast updated: 11 days ago

Promoted

Cybersecurity Strategy and Implementation Lead

Tata Consultancy ServicesHyderabad, Republic Of India, IN

Promoted

Threat Analysis and Risk Assessment (TARA) Specialist of R&D Product Cybersecurity

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Telangana, India

Promoted

Senior Manager IS Cyber Culture & Awareness

MashreqHyderabad, IN

The Cyber Security Awareness Specialist plays a critical role in maturing Mashreq Bank’s cyber security awareness program. The specialist is responsible for fostering a culture where Cybersecurity i...Show moreLast updated: 13 days ago

Promoted

Vulnerability Management & Remediation Lead

ValueLabsHyderabad, Republic Of India, IN

We are seeking a skilled and detail-oriented.Cybersecurity Risk & Vulnerability Engineer.The ideal candidate will have hands-on experience with industry-standard tools and frameworks, and a strong ...Show moreLast updated: 2 days ago

Promoted

Cybersecurity Analyst

alliantgroupHyderabad, Republic Of India, IN

The company was founded in 2002 and is headquartered in Houston, Texas.These credits and incentives are designed to encourage businesses to invest in certain types of activities, such as research a...Show moreLast updated: 30+ days ago

Promoted

Cybersecurity Vulnerability and SBOM Specialist

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

Promoted

Cybersecurity Specialist - R&D

OLYMPUS MEDICAL SYSTEMS INDIA PRIVATE LIMITEDHyderabad, Republic Of India, IN

BS, Master or equivalent degree in Computer Engineering, Software Engineering, Cybersecurity or other related fields.Minimum of 7 years of professional experience within Information Technology, Sof...Show moreLast updated: 12 days ago

Promoted

Cybersecurity Assessment Manager

NopalCyberHyderabad, Republic Of India, IN

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Managed extended detection and response (MXDR), attack surface ma...Show moreLast updated: 3 days ago

Promoted

Cybersecurity Solutions Architect

Staffington GlobalHyderabad, Republic Of India, IN

Cybersecurity experience with minimum 5 years as Cybersecurity Architect or Lead Engineer.Bachelor’s degree in information Cybersecurity, Cybersecurity Assurance, Computer Science or related fields...Show moreLast updated: 30+ days ago

Promoted
New!

Senior Cybersecurity Engineer - Vulnerability Management

FACTSETHyderabad, India

FactSet creates flexible, open data and software solutions for over 200,000 investment professionals worldwide, providing instant access to financial data and analytics that investors use to make c...Show moreLast updated: 17 hours ago

Promoted

Cybersecurity Analyst

ValueLabsHyderabad, Republic Of India, IN

Incident Handling & Response, Phishing email Analysis.SIEM Platforms- Monitoring, Analysis, Alerts & Reports ( LogRhythm Preferably). Knowledge of OSI layers & Protocols.Network & Host based Firewal...Show moreLast updated: 12 days ago