Job Overview
We are seeking a passionate and driven Junior Information Security Engineer to join our growing Information Security team. In this role, your primary focus will be on Vulnerability Assessment and Penetration Testing (VAPT), with a heavy emphasis on Web Application Penetration Testing (WAPT).
You will work closely with senior engineers to identify, exploit, and help remediate security vulnerabilities across our digital assets.
Key Responsibilities
1. Security Testing & VAPT
- Conduct regular Vulnerability Assessments and Penetration Testing (VAPT) on web applications, APIs, and network infrastructure.
- Perform deep-dive Web Application Penetration Testing (WAPT) to identify flaws in logic, authentication, and session management.
- Utilize Burp Suite Professional/Enterprise extensively for automated scanning, manual intercepting, fuzzing, and custom payload injection.
2. Analysis & Remediation
- Analyze scan results and manual testing findings to eliminate false positives and document valid vulnerabilities.
- Map findings against industry-standard frameworks like the OWASP Top 10.
- Collaborate with development and engineering teams to provide clear, actionable remediation guidance for fixing discovered bugs.
3. Reporting & Documentation
- Assist in drafting comprehensive technical security reports for both technical and non-technical stakeholders.
- Keep security documentation, testing methodologies, and internal knowledge bases up to date.
Preferred Skills
- Hands-on Experience: Strong foundational knowledge and practical experience using Burp Suite (Proxy, Repeater, Intruder, Collaborator).
- Web Security Concepts: Deep understanding of web application architectures, HTTP protocols, and common vulnerabilities (e.g., SQLi, XSS, CSRF, IDOR, SSRF).
- Tooling: Familiarity with other standard security tools such as Nmap, OWASP ZAP, Metasploit, Nikto, and Nessus.
- OS Knowledge: Comfort working with both Linux and Windows environments.
Preferred Qualifications:
- 0-2 years of experience in Information Security
- BSC/BE/B.Tech Computer Science/Information Technology or any similar degree
- CISSP - Certified Information Systems Security Professional, CEH - Certified Ethical Hacker, ISO-27001 – Information Security Management Systems Lead Auditor, BSC (Burp Suite Certified Practitioner), OSCP (Offensive Security Certified Professional)