Cutshort logo
Fonada cover picture
Founded :
2014
Type :
Products & Services
Size :
20-100
Stage :
Profitable

About

Experience the future of communication with Fonada's Next-Gen CPaaS. Revolutionizing communication solutions for businesses.
Read more

Company social profiles

bloginstagramlinkedintwitterfacebook

Jobs at Fonada

Fonada
at Fonada
Karandeep Singh
Posted by Karandeep Singh
icon

The recruiter has not been active on this job recently. You may apply but please expect a delayed response.

Noida
7 - 10 yrs
₹15L - ₹20L / yr
Cyber Security
Information security
Network Security
DevSecOps
Ethical Hacking
+5 more

About the Role 

We are seeking an experienced Cyber Security Specialist who can operate across both offensive and defensive security disciplines. This dual-role professional will lead Vulnerability Assessment and Penetration Testing (VAPT) engagements, act as the in-house Red Team to simulate real-world adversaries, and own the implementation and continuous improvement of the Information Security Management System (ISMS) aligned with ISO/IEC 27001 and related standards. You will combine hands-on offensive security work with governance, audit readiness, and stakeholder engagement across engineering, IT, legal, and executive leadership. 


Key Responsibilities 

VAPT & Red Team Operations 

  • Plan, scope, and execute end-to-end Vulnerability Assessment and Penetration Testing (VAPT) engagements across web applications, mobile apps, APIs, networks, cloud environments, wireless, and physical infrastructure. 
  • Act as the organization's in-house Red Team, simulating advanced persistent threat (APT) actors through adversary emulation, social engineering, phishing campaigns, and physical intrusion testing where authorized. 
  • Design and execute Red Team operations aligned with MITRE ATT&CK, TIBER-EU, and similar frameworks; develop custom Tactics, Techniques, and Procedures (TTPs). 
  • Conduct manual and automated exploitation, post-exploitation, lateral movement, privilege escalation, and persistence testing in production-like environments. 
  • Develop custom exploits, payloads, scripts, and tooling (Python, PowerShell, Bash, C/C++, Go) to bypass security controls during sanctioned engagements. 
  • Perform source code reviews, threat modeling, and secure architecture reviews of new and existing systems. 
  • Coordinate Purple Team exercises with the Blue Team / SOC to validate detection coverage and improve defensive playbooks. 
  • Produce high-quality VAPT and Red Team reports with executive summaries, technical findings, proof-of-concept exploits, risk ratings (CVSS), and prioritized remediation guidance. 
  • Re-test remediated findings and track closure with engineering and IT teams through to verification. 

ISO Compliance & Governance 

  • Lead the implementation, maintenance, and continual improvement of the ISMS in line with ISO/IEC 27001:2022, including scope definition, Statement of Applicability (SoA), and risk treatment plans. 
  • Own and maintain ISO policies, procedures, controls, and documentation across the organization, ensuring alignment with ISO 27001, ISO 27017, ISO 27018, and ISO 22301. 
  • Plan and coordinate internal and external audits; serve as the primary liaison with certification bodies, auditors, and regulators. 
  • Conduct risk assessments, business impact analyses (BIA), and threat modeling; maintain a central risk register and drive remediation. 
  • Map VAPT and Red Team findings to ISO 27001 Annex A controls and feed results into the risk management lifecycle. 
  • Support compliance with adjacent frameworks: SOC 2, NIST CSF, GDPR, HIPAA, PCI-DSS, and DPDP Act (India), as applicable. 
  • Define and report security and compliance KPIs/KRIs to senior leadership; prepare materials for management reviews and board updates. 
  • Develop and deliver security awareness training, phishing simulations, and role-based secure-coding training. 
  • Drive third-party / vendor risk management, including security questionnaires, contractual clauses, and ongoing monitoring. 
  • Partner with engineering and DevOps to embed security into the SDLC, CI/CD pipelines, and cloud architectures (DevSecOps). 

Incident Response & Continuous Improvement 

  • Support incident response activities: detection, triage, containment, eradication, recovery, and post-incident reviews. 
  • Maintain business continuity and disaster recovery plans; coordinate BCP/DR testing and tabletop exercises. 
  • Stay current on emerging threats, CVEs, attacker techniques, regulatory changes, and ISO standard updates; recommend and drive improvements. 

Required Qualifications 

  • 8+ years of progressive experience in cyber security, with at least 4 years in hands-on offensive security (VAPT, penetration testing, or Red Team) and 3+ years in ISO 27001 implementation and audits. 
  • Proven track record of leading VAPT engagements across web, mobile, API, network, cloud (AWS / Azure / GCP), and wireless environments. 
  • Hands-on experience executing Red Team operations and adversary emulation aligned with MITRE ATT&CK. 
  • Deep proficiency with offensive security tooling: Burp Suite Pro, Metasploit, Cobalt Strike (or open-source equivalents like Sliver, Mythic, Havoc), Nmap, Nessus, Nuclei, BloodHound, Impacket, Responder, and OWASP ZAP. 
  • Strong scripting and exploit development skills in Python, PowerShell, Bash, and at least one compiled language (C/C++, Go, or Rust). 
  • Proven hands-on experience leading an organization through ISO 27001 certification and surveillance audits end-to-end. 
  • Strong working knowledge of ISO/IEC 27001:2022 (including Annex A controls), ISO 27002, ISO 27017, ISO 27018, and ISO 22301. 
  • Solid understanding of security domains: IAM, network security, endpoint security, cloud security, application security (OWASP Top 10, API Security Top 10), and Active Directory attack paths. 
  • Experience with risk assessment methodologies (ISO 27005, NIST 800-30) and the ability to translate offensive findings into business risk. 
  • Strong report-writing, policy-drafting, and executive communication skills. 
  • Bachelor's degree in Computer Science, Information Security, Engineering, or a related field (or equivalent experience). 

Preferred Qualifications 

  • Offensive security certifications: OSCP, OSEP, OSWE, OSED, CRTO, CRTP, CRTE, CRTL, GPEN, GXPN, GWAPT, or CEH Practical. 
  • Governance certifications: ISO 27001 Lead Implementer and/or Lead Auditor, CISSP, CISM, CISA, or CRISC. 
  • Cloud security certifications (CCSP, AWS Security Specialty, Azure Security Engineer, or GCP Professional Cloud Security Engineer). 
  • Published CVEs, security research, bug bounty achievements, or contributions to open-source security tools. 
  • Experience with Active Directory / Entra ID red teaming, Kerberos attacks, and modern EDR/XDR evasion techniques. 
  • Experience with container, Kubernetes, and serverless security testing. 
  • Experience implementing or auditing additional frameworks: SOC 2 Type II, NIST CSF, NIST 800-53, HITRUST, or PCI-DSS. 
  • Experience with GRC platforms (Vanta, Drata, Sprinto, ServiceNow GRC, Archer, OneTrust). 
  • Experience in regulated industries: financial services, healthcare, SaaS, or critical infrastructure. 
  • Experience briefing executive leadership, customers, and external auditors on offensive findings and remediation strategy. 


Read more
Fonada
at Fonada
Karandeep Singh
Posted by Karandeep Singh
Noida
5 - 8 yrs
₹15L - ₹20L / yr
DevOps
skill iconAmazon Web Services (AWS)
Microsoft Windows Azure
Google Cloud Platform (GCP)
VMware vSphere
+8 more


About the Role 

We are looking for a Senior DevOps Engineer to lead the design, automation, and scaling of our hybrid cloud infrastructure spanning public cloud and private/on-premises environments. You will partner closely with software engineering, security, and product teams to build reliable, secure, and high-performance systems that support rapid product delivery. This is a hands-on role with significant influence over our infrastructure strategy, deployment workflows, and engineering culture. 


Key Responsibilities 

  • Architect, deploy, and maintain scalable, highly available infrastructure across both public cloud (AWS, Azure, GCP) and private cloud platforms (OpenStack, VMware vSphere/Tanzu, Nutanix, or similar). 
  • Operate and maintain on-premises infrastructure: hypervisors, compute, storage (Ceph, NetApp, SAN/NAS), networking (SDN, VLANs, BGP, MPLS), and hardware capacity planning, alongside their public cloud equivalents. 
  • Design and own CI/CD pipelines that deploy seamlessly across public and private environments. 
  • Implement and manage Infrastructure as Code (Terraform, Ansible, Pulumi) with strong version control and review practices, using providers for both public and private cloud platforms. 
  • Manage container orchestration (Kubernetes, ECS, OpenShift, Rancher) across managed cloud services and self-managed/bare-metal clusters, including upgrades, autoscaling, and workload reliability. 
  • Build observability into all systems through logging, metrics, tracing, and alerting (Prometheus, Grafana, Datadog, ELK, or similar) with unified visibility across hybrid environments. 
  • Champion security best practices: secrets management, IAM hardening, network segmentation, vulnerability scanning, and compliance (SOC 2, ISO 27001, HIPAA, or data-sovereignty requirements). 
  • Lead incident response, root-cause analysis, and post-mortems; drive long-term reliability improvements and SLO/SLA adherence. 
  • Optimize cost, capacity, and resource utilization across public cloud spend and on-premises hardware without compromising performance or availability. 
  • Partner with data center operations and network providers on hardware provisioning, firmware management, MPLS circuit management, and lifecycle planning. 
  • Mentor junior DevOps and software engineers; promote DevOps culture, automation-first thinking, and shared ownership of production. 
  • Evaluate and introduce new tools, platforms, and processes that improve developer productivity and system reliability. 

Required Qualifications 

  • 5+ years of experience in DevOps, SRE, or Platform Engineering roles, with at least 2 years at a senior level. 
  • Deep expertise with at least one major public cloud provider (AWS, Azure, or GCP) in production. 
  • Hands-on experience operating private cloud or virtualization platforms (OpenStack, VMware, Nutanix, or equivalent) in production. 
  • Strong experience with virtualization, storage systems, and enterprise networking in on-premises environments. 
  • Strong hands-on experience with Kubernetes in production, including both managed cloud and self-managed/bare-metal clusters. 
  • Proficiency in Infrastructure as Code (Terraform and Ansible strongly preferred). 
  • Solid scripting and programming skills in Python, Go, Bash, or similar. 
  • Experience designing and operating CI/CD pipelines using tools such as GitHub Actions, GitLab CI, Jenkins, CircleCI, or ArgoCD. 
  • Strong Linux systems administration and networking fundamentals (TCP/IP, DNS, load balancing, VPNs, firewalls, routing, MPLS). 
  • Experience with monitoring and observability stacks (Prometheus, Grafana, Datadog, New Relic, ELK, or OpenTelemetry). 
  • Proven track record of leading incident response and improving system reliability. 
  • Excellent communication skills and the ability to collaborate across engineering, security, infrastructure, and product teams. 

Preferred Qualifications 

  • Experience designing hybrid and multi-cloud architectures, including secure connectivity (Direct Connect, ExpressRoute, MPLS, VPN, SD-WAN) between public and private environments. 
  • Familiarity with service meshes (Istio, Linkerd), API gateways, and GitOps workflows (ArgoCD, Flux). 
  • Background in security-focused or regulated environments and exposure to compliance frameworks. 
  • Experience with database administration (PostgreSQL, MySQL, Redis, MongoDB) in cloud-managed and self-hosted setups. 
  • Contributions to open-source DevOps or cloud infrastructure tooling. 
  • Relevant certifications (AWS Solutions Architect / DevOps Engineer, Azure Administrator, CKA, CKAD, RHCE, VMware VCP, OpenStack Certified Administrator, HashiCorp Terraform Associate). 


Read more
Fonada
at Fonada
Karandeep Singh
Posted by Karandeep Singh
icon

The recruiter has not been active on this job recently. You may apply but please expect a delayed response.

Noida
10 - 20 yrs
₹20L - ₹35L / yr
Asterisk
IVR
skill iconSpring Boot
RabbitMQ
Microservices
+6 more

Role Overview

We are looking for a hands-on Senior Telephony Engineer who actively writes production-grade code and has deep experience with Asterisk-based systems, Java backend development, and high-scale dialler platforms.


Key Responsibilities

This is NOT an architecture-only role we need someone who can:

  • Write code
  • Debug real-time call issues
  • Build and optimize telephony flows end-to-end
  • Key Responsibilities (Hands-on Coding Focus)
  • Develop and maintain Asterisk dialplans, AGI scripts, and call flows
  • Build Java-based backend services for telephony control and orchestration
  • Implement and optimize predictive / preview / progressive diallers
  • Integrate telephony stack with:

Kafka

RabbitMQ

  • Write scalable code for call routing, retry logic, and queue handling
  • Work directly on SIP signalling, RTP flows, and debugging call issues
  • Handle real-time call events, CDR processing, and logging pipelines
  • Optimize systems for high concurrency (thousands of parallel calls)
  • Debug production issues like:

Call drops

Latency

One-way audio

SIP failures


Qualifications & Skills

  • Bachelors degree in Computer Engineering; Masters is a plus.
  • Telephony (Core Requirement)
  • Strong hands-on experience with Asterisk
  • Deep knowledge of:

SIP / RTP / VoIP

Dialplans

AGI / AMI

  • Experience building or maintaining dialers (very important)
  • Backend Development
  • Strong coding skills in Java (Spring Boot preferred)
  • Experience building microservices / APIs
  • Comfortable writing high-performance, low-latency code
  • Messaging & Event Systems
  • Hands-on experience with:

Apache Kafka

RabbitMQ

  • Ability to implement event-driven systems
  • Scaling & Performance
  • Experience handling high call volumes (1000+ concurrent calls)


Understanding of:

  • Multi-threading
  • Queue management
  • Load handling
  • Good to Have
  • Experience with predictive dialers
  • Exposure to WebRTC / real-time communication
  • Experience with Docker / Kubernetes
  • Understanding of TRAI / Indian telecom ecosystem
  • Experience with FreeSWITCH (bonus)


What We Are NOT Looking For

  • Pure solution architects who dont code
  • People with only theoretical telecom knowledge
  • Candidates without real dialer / Asterisk production experience


What We Are Looking For

Someone who has:

  • Written real dialplans and backend code
  • Debugged live call issues
  • Worked on production telephony systems
  • A problem solver who can go deep into logs, packets, and code


Impact of the Role

You will directly contribute to building a high-scale telephony + AI voice platform, working on real-time systems that handle thousands of concurrent calls.

Read more
Did not find a job you were looking for?
icon
Search for relevant jobs from 10000+ companies such as Google, Amazon & Uber actively hiring on Cutshort.
companies logo
companies logo
companies logo
companies logo
companies logo

Similar companies

Cutshort cover picture
Cutshort's logo

Cutshort

https://cutshort.io
Founded
2015
Type
Product
Size
20-100
Stage
Profitable

About the company

To hire better and faster, companies need rich candidate data, smart software and sound human judgement.


Cutshort is using AI to combine all these 3 to offer a 10x talent sourcing solution that is faster, better and cheaper.


We have 3 AI-powered offerings

  1. Hire using our AI platform: Affordable annual subscriptions
  2. Get only sourcing: 3.5% of annual CTC when you hire
  3. Get full recruiting: 6.99% of annual CTC when you hire


Customers such as Fractal, Sprinto, Shiprocket, Highlevel, ThoughtWorks, Deepintent have built strong engineering teams with Cutshort.

Jobs

2

Phenom People cover picture
Phenom People's logo

Phenom People

https://phenompeople.com
Founded
2010
Type
Product
Size
1000-5000
Stage
Profitable

About the company

Talent Relationship Marketing helps candidates find the right jobs and makes recruiters more productive. Stop recruiting. Start Relationship Marketing.

Jobs

1

Inferigence Quotient cover picture
Inferigence Quotient's logo

Inferigence Quotient

https://inferq.com
Founded
2017
Type
Products & Services
Size
20-100
Stage
Bootstrapped

About the company

Deep Tech Startup Focusing on Autonomy and Intelligence for Unmanned Systems. Guidance and Navigation, AI-ML, Computer Vision, Information Fusion, LLMs, Generative AI, Remote Sensing

Jobs

4

Alpha cover picture
Alpha's logo

Alpha

https://get-alpha.ai/careers
Founded
2025
Type
Products & Services
Size
0-20
Stage
Bootstrapped

About the company

Alpha brings a new AI native environment to build effective and reliable AI agents with no code.

Jobs

1

Zan - Zari Group cover picture
Zan - Zari Group's logo

Zan - Zari Group

https://bookaheadnow.com
Founded
2025
Type
Services
Size
0-20
Stage
Bootstrapped

About the company

Jobs

2

Founded
2021
Type
Products & Services
Size
10-50
Stage
Bootstrapped

About the company

BPO Hirings

Jobs

13

FreeADS cover picture
FreeADS's logo

FreeADS

https://freeads.no
Founded
2025
Type
Products & Services
Size
0-20
Stage
Bootstrapped

About the company

Jobs

2

Founded
2014
Type
Products & Services
Size
100-1000
Stage
Bootstrapped

About the company

About Discover Dollar

Discover Dollar helps large enterprises recover lost profit through AP recovery audits, contract compliance reviews, and profit leakage prevention. We work with major retail, manufacturing, CPG, healthcare, and insurance organizations including Target, ABInBev, Carrier, Canadian Tire, etc., to find and recover money that falls through the cracks of complex procure-to-pay processes

Jobs

9

Founded
Type
Size
Stage

About the company

Jobs

5

OpenAssets Inc cover picture
OpenAssets Inc's logo

OpenAssets Inc

https://openassets.to
Founded
2020
Type
Products & Services
Size
0-20
Stage
Raised funding

About the company

OpenAssets is establishing open standards for the next generation of capital markets—the trusted partner for institutions building infrastructure for real-world asset tokenization and digital currencies.

Jobs

3

Want to work at Fonada?
Fonada's logo
Why apply via Cutshort?
Connect with actual hiring teams and get their fast response. No spam.
Find more jobs