Job Summary
We are seeking an experienced Senior Penetration Tester to join our cybersecurity team. The ideal candidate will have extensive experience performing penetration testing across web applications, APIs, cloud environments, internal and external networks, and mobile applications. You will identify security vulnerabilities, provide actionable remediation recommendations, and work closely with technical teams to strengthen the organization's security posture.
Key Responsibilities
- Conduct comprehensive penetration testing on web applications, APIs, mobile applications, cloud platforms, and network infrastructure.
- Perform vulnerability assessments and validate security findings.
- Execute internal and external network penetration tests.
- Perform cloud security assessments across AWS, Azure, and/or Google Cloud Platform.
- Identify, exploit, and document security vulnerabilities using industry-standard methodologies.
- Develop detailed penetration testing reports, including technical findings, business impact, proof of concept, and remediation recommendations.
- Perform red team assessments and simulate real-world attack scenarios.
- Conduct source code security reviews where required.
- Support incident response and forensic investigations when necessary.
- Mentor junior penetration testers and provide technical leadership.
- Stay current with emerging threats, vulnerabilities, and security best practices.
Required Skills & Experience
- 7+ years of experience in penetration testing or offensive security.
- Strong knowledge of web application security and the OWASP Top 10.
- Hands-on experience with network, infrastructure, wireless, API, and cloud penetration testing.
- Experience with Active Directory security assessments.
- Strong understanding of Windows, Linux, and networking protocols.
- Proficiency with scripting languages such as Python, Bash, or PowerShell.
- Experience using tools including Burp Suite Pro, Metasploit, Nmap, Nessus, Wireshark, Kali Linux, BloodHound, Cobalt Strike (or equivalent), and SQLMap.
- Experience with vulnerability management and security assessment frameworks.
- Excellent report writing, communication, and stakeholder management skills.
- Preferred Qualifications
- OSCP (mandatory or highly preferred)
- OSWE, OSEP, GPEN, GXPN, CEH, CISSP, or equivalent certifications
- Experience with cloud security (AWS, Azure, or GCP)
- Knowledge of DevSecOps, CI/CD security, and container security
- Experience conducting red team engagements and threat emulation
- Education
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related discipline, or equivalent practical experience.
Nice to Have
- Experience in financial services, government, healthcare, or other highly regulated industries.
- Knowledge of security frameworks such as NIST, ISO 27001, CIS Controls, and MITRE ATT&CK.
- Experience with threat hunting and security operations.
Pay: ₹549,110.46 - ₹1,863,571.37 per year
Application Question(s):
- Are you available to join immediately?
Experience:
- Penetration testing: 10 years (Required)
Work Location: Remote